[SECURITY] Fedora 17 Update: libarchive-3.0.4-3.fc17

updates at fedoraproject.org updates at fedoraproject.org
Fri Apr 12 22:27:24 UTC 2013 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-4522
2013-03-29 00:53:51
--------------------------------------------------------------------------------

Name        : libarchive
Product     : Fedora 17
Version     : 3.0.4
Release     : 3.fc17
URL         : http://code.google.com/p/libarchive/
Summary     : A library for handling streaming archive formats
Description :
Libarchive is a programming library that can create and read several different
streaming archive formats, including most popular tar variants, several cpio
formats, and both BSD and GNU ar variants. It can also write shar archives and
read ISO9660 CDROM images and ZIP archives.

--------------------------------------------------------------------------------
Update Information:

This update fixes CVE-2013-0211 libarchive: read buffer overflow on 64-bit systems
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Tomas Bzatek <tbzatek at redhat.com> - 3.0.4-3
- Fix CVE-2013-0211: read buffer overflow on 64-bit systems (#927105)
* Wed Oct  3 2012 Pavel Raiskup <praiskup at redhat.com> - 3.0.4-2
- better install manual pages for libarchive/bsdtar/bsdcpio (# ... )
- several fedora-review fixes ...:
- Source0 has moved to github.com
- remove trailing white spaces
- repair summary to better describe bsdtar/cpiotar utilities
* Mon May  7 2012 Tomas Bzatek <tbzatek at redhat.com> - 3.0.4-1
- Update to 3.0.4
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #902998 - CVE-2013-0211 libarchive: read buffer overflow on 64-bit systems
        https://bugzilla.redhat.com/show_bug.cgi?id=902998
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update libarchive' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list