Diffusion FreeBSD src repository 9c1ad063e5d1

libarchive: merge vendor bugfixes
9c1ad063e5d1
Actions

Description

libarchive: merge vendor bugfixes

Bugfixes:

IS #1685 and OSS-Fuzz #38764 (security):
  (ISO reader) fix possible heap buffer overflow in read_children()
IS #1715 and OSS-Fuzz #46279 (security):
  (RARv4 reader) fix heap-use-after-free in run_filters()

Approved by: re (gjb)

(cherry picked from commit 9f690fcfdc050f566466ac10cca29ff43bf4fe92)
(cherry picked from commit 43a449f2f1feae53a1302821db6940fd364fa171)

Details

Provenance

mm	Authored on Apr 3 2022, 12:21 PM

Parents

rG7e87e677f474: Bump newvers.sh for 13.1-RC1 advisories

Branches

Unknown

Tags

Unknown

Event Timeline

mm committed rG9c1ad063e5d1: libarchive: merge vendor bugfixes (authored by mm).Apr 6 2022, 11:32 AM

Changes (2)

Path

Size

contrib/

libarchive/

archive_read_support_format_iso9660.c

archive_read_support_format_rar.c

rG9c1ad063e5d1

View Options

contrib/libarchive/libarchive/archive_read_support_format_iso9660.c

View Options

contrib/libarchive/libarchive/archive_read_support_format_rar.c

libarchive: merge vendor bugfixes9c1ad063e5d1Actions

Description

Details

Event Timeline

Changes (2)

rG9c1ad063e5d1

contrib/libarchive/libarchive/archive_read_support_format_iso9660.c

contrib/libarchive/libarchive/archive_read_support_format_rar.c

libarchive: merge vendor bugfixes
9c1ad063e5d1
Actions