FreeBSD Security Advisory FreeBSD-SA-06:24.libarchive
Simon L. Nielsen
simon at FreeBSD.org
Wed Nov 8 16:17:42 UTC 2006
On 2006.11.08 10:36:02 -0500, Josh Paetzel wrote:
> On Wednesday 08 November 2006 08:13, FreeBSD Security Advisories
> wrote:
> > ===================================================================
> >========== FreeBSD-SA-06:24.libarchive
> > Security Advisory The FreeBSD Project
> >
> > Topic: Infinite loop in corrupt archives handling in
> > libarchive(3)
> >
> > Category: core
> > Module: libarchive
> > Announced: 2006-11-08
> > Credits: Rink Springer
> > Affects: FreeBSD 6-STABLE after 2006-09-05 05:23:51 UTC
> > Corrected: 2006-11-08 14:05:40 UTC (RELENG_6, 6.2-RC1)
> > CVE Name: CVE-2006-5680
> >
> > For general information regarding FreeBSD Security Advisories,
>
> Maybe this is an obvious question, but libarchive has been in the
> system since 5.3, but this issue only affects RELENG_6? So anyone
> tracking RELENG_6_1 isn't affected?
Correct, the bug was introduced after 6.1 was branched.
--
Simon L. Nielsen
More information about the freebsd-security
mailing list