libarchive 3.1.2-7ubuntu2.1 source package in Ubuntu

Changelog

libarchive (3.1.2-7ubuntu2.1) trusty-security; urgency=medium

  * SECURITY UPDATE: absolute path traversal vulnerability in bsdcpio
    - debian/patches/CVE-2015-2304.patch: don't allow absolute paths by
      default in cpio/cpio.c, libarchive/archive.h,
      libarchive/archive_write_disk_posix.c, added test to
      libarchive/test/test_write_disk_secure.c, updated documentation in
      cpio/bsdcpio.1, libarchive/archive_write_disk.3.
    - CVE-2015-2304
 -- Marc Deslauriers <email address hidden>   Tue, 24 Mar 2015 12:43:54 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
libarchive_3.1.2.orig.tar.gz 4.3 MiB eb87eacd8fe49e8d90c8fdc189813023ccc319c5e752b01fb6ad0cc7b2c53d5e
libarchive_3.1.2-7ubuntu2.1.debian.tar.gz 15.1 KiB 06d5a0c0f2d7bb618e48e9613eb4c373ee70838b55c4ab85d17fd16f674bc451
libarchive_3.1.2-7ubuntu2.1.dsc 2.3 KiB 7e98d5bf266326314829b9eff08fc7e80085906c5afc8c2bdda0752aa145a8b1

View changes file

Binary packages built by this source

bsdcpio: Implementation of the 'cpio' program from FreeBSD

 The bsdcpio program is the default system 'cpio' program used on FreeBSD.
 bsdcpio uses the libarchive library as a backend which does all of the work for
 reading and writing archives in various formats.

bsdtar: Implementation of the 'tar' program from FreeBSD

 The bsdtar program is the default system 'tar' program used on FreeBSD. bsdtar
 uses the libarchive library as a backend which does all of the work for reading
 and writing archives in various formats.

libarchive-dev: Multi-format archive and compression library (development files)

 The libarchive library provides a flexible interface for reading and writing
 archives in various formats such as tar and cpio. libarchive also supports
 reading and writing archives compressed using various compression filters such
 as gzip and bzip2. The library is inherently stream-oriented; readers serially
 iterate through the archive, writers serially add things to the archive.
 .
 Archive formats supported are:
 .
    * tar (read and write, including GNU extensions)
    * pax (read and write, including GNU and star extensions)
    * cpio (read and write, including odc and newc variants)
    * iso9660 (read and write, including Joliet and Rockridge extensions, with
      some limitations)
    * zip (read only, with some limitations, uses zlib)
    * mtree (read and write)
    * shar (write only)
    * ar (read and write, including BSD and GNU/SysV variants)
    * empty (read only; in particular, note that no other format will accept an
      empty file)
    * raw (read only)
    * xar (read only)
    * rar (read only, with some limitations)
    * 7zip (read and write, with some limitations)
 .
 Filters supported are:
 .
    * gzip (read and write, uses zlib)
    * bzip2 (read and write, uses bzlib)
    * compress (read and write, uses an internal implementation)
    * uudecode (read only)
    * separate command-line compressors with fixed-signature auto-detection
    * xz and lzma (read and write using liblzma)
 .
 This package provides the files necessary for development with libarchive.

libarchive13: Multi-format archive and compression library (shared library)

 The libarchive library provides a flexible interface for reading and writing
 archives in various formats such as tar and cpio. libarchive also supports
 reading and writing archives compressed using various compression filters such
 as gzip and bzip2. The library is inherently stream-oriented; readers serially
 iterate through the archive, writers serially add things to the archive.
 .
 Archive formats supported are:
 .
    * tar (read and write, including GNU extensions)
    * pax (read and write, including GNU and star extensions)
    * cpio (read and write, including odc and newc variants)
    * iso9660 (read and write, including Joliet and Rockridge extensions, with
      some limitations)
    * zip (read only, with some limitations, uses zlib)
    * mtree (read and write)
    * shar (write only)
    * ar (read and write, including BSD and GNU/SysV variants)
    * empty (read only; in particular, note that no other format will accept an
      empty file)
    * raw (read only)
    * xar (read only)
    * rar (read only, with some limitations)
    * 7zip (read and write, with some limitations)
 .
 Filters supported are:
 .
    * gzip (read and write, uses zlib)
    * bzip2 (read and write, uses bzlib)
    * compress (read and write, uses an internal implementation)
    * uudecode (read only)
    * separate command-line compressors with fixed-signature auto-detection
    * xz and lzma (read and write using liblzma)
 .
 This package provides the libarchive shared library.