Back to bug 1377923
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Doran Moppert | 2016-09-21 03:30:14 UTC | Blocks | 1376684 | |
| Doran Moppert | 2016-09-21 06:18:28 UTC | Whiteboard | impact=moderate,public=20160915,reported=20160915,source=oss-security,cwe=CWE-122,rhel-6/libarchive=new,rhel-7/libarchive=new,fedora-all/libarchive=new | impact=moderate,public=20160915,reported=20160915,source=oss-security,cwe=CWE-122,rhel-6/libarchive=notaffected,rhel-7/libarchive=affected,fedora-all/libarchive=affected |
| Florian Weimer | 2016-09-21 06:20:40 UTC | CC | fweimer | |
| Summary | heap based buffer overflow in detect_form (archive_read_support_format_mtree.c) | libarchive: heap based buffer overflow in detect_form (archive_read_support_format_mtree.c) | ||
| Doran Moppert | 2016-09-22 03:56:35 UTC | Whiteboard | impact=moderate,public=20160915,reported=20160915,source=oss-security,cwe=CWE-122,rhel-6/libarchive=notaffected,rhel-7/libarchive=affected,fedora-all/libarchive=affected | impact=moderate,public=20160915,reported=20160915,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-122,rhel-6/libarchive=notaffected,rhel-7/libarchive=affected,fedora-all/libarchive=affected |
| Doran Moppert | 2016-09-22 03:56:42 UTC | Whiteboard | impact=moderate,public=20160915,reported=20160915,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-122,rhel-6/libarchive=notaffected,rhel-7/libarchive=affected,fedora-all/libarchive=affected | impact=moderate,public=20160915,reported=20160915,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=4.8/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L,cwe=CWE-122,rhel-6/libarchive=notaffected,rhel-7/libarchive=affected,fedora-all/libarchive=affected |
| Doran Moppert | 2016-09-22 03:56:47 UTC | Whiteboard | impact=moderate,public=20160915,reported=20160915,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=4.8/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L,cwe=CWE-122,rhel-6/libarchive=notaffected,rhel-7/libarchive=affected,fedora-all/libarchive=affected | impact=low,public=20160915,reported=20160915,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=4.8/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L,cwe=CWE-122,rhel-6/libarchive=notaffected,rhel-7/libarchive=affected,fedora-all/libarchive=affected |
| Doran Moppert | 2016-09-22 03:56:53 UTC | Severity | medium | low |
| Doran Moppert | 2016-09-22 03:56:59 UTC | Priority | medium | low |
| Doran Moppert | 2016-09-22 03:57:05 UTC | Whiteboard | impact=low,public=20160915,reported=20160915,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=4.8/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L,cwe=CWE-122,rhel-6/libarchive=notaffected,rhel-7/libarchive=affected,fedora-all/libarchive=affected | impact=low,public=20160915,reported=20160915,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=4.8/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L,cwe=CWE-131->CWE-125,rhel-6/libarchive=notaffected,rhel-7/libarchive=affected,fedora-all/libarchive=affected |
| Slawomir Czarko | 2016-09-22 10:07:57 UTC | CC | slawomir | |
| Doran Moppert | 2016-09-23 03:16:55 UTC | Depends On | 1378669 | |
| Doran Moppert | 2016-09-23 03:19:17 UTC | Whiteboard | impact=low,public=20160915,reported=20160915,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=4.8/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L,cwe=CWE-131->CWE-125,rhel-6/libarchive=notaffected,rhel-7/libarchive=affected,fedora-all/libarchive=affected | impact=low,public=20160915,reported=20160915,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=4.8/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L,cwe=CWE-131->CWE-125,rhel-6/libarchive=notaffected,rhel-7/libarchive=wontfix,fedora-all/libarchive=affected |
| Doran Moppert | 2016-09-23 03:21:20 UTC | Status | NEW | CLOSED |
| Resolution | --- | NOTABUG | ||
| Last Closed | 2016-09-22 23:21:20 UTC | |||
| Doran Moppert | 2016-09-23 03:22:55 UTC | Resolution | NOTABUG | WONTFIX |
| Doran Moppert | 2016-10-18 04:12:52 UTC | Alias | CVE-2016-8688 | |
| Doran Moppert | 2016-10-18 04:12:58 UTC | Summary | libarchive: heap based buffer overflow in detect_form (archive_read_support_format_mtree.c) | CVE-2016-8688 libarchive: heap based buffer overflow in detect_form (archive_read_support_format_mtree.c) |
| Doran Moppert | 2016-10-18 04:15:35 UTC | Whiteboard | impact=low,public=20160915,reported=20160915,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=4.8/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L,cwe=CWE-131->CWE-125,rhel-6/libarchive=notaffected,rhel-7/libarchive=wontfix,fedora-all/libarchive=affected | impact=low,public=20160915,reported=20160915,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=4.8/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L,cwe=CWE-131->CWE-125,rhel-6/libarchive=notaffected,rhel-7/libarchive=wontfix,fedora-all/libarchive=affected,epel-5/libarchive=affected,epel-6/libarchive3=affected |
| Doran Moppert | 2016-10-18 04:15:44 UTC | CC | anto.trande, fedora, ndevos | |
| Doran Moppert | 2016-10-18 04:19:01 UTC | Depends On | 1385674 | |
| Doran Moppert | 2016-10-18 04:20:10 UTC | Depends On | 1385675 | |
| Doran Moppert | 2016-10-18 04:21:20 UTC | Depends On | 1385676 | |
| Doran Moppert | 2016-10-18 04:31:04 UTC | Blocks | 1385672 | |
| CC | amaris | |||
| Adam Mariš | 2016-11-08 15:52:27 UTC | CC | amaris | |
| Tomas Hoger | 2019-04-10 12:56:55 UTC | Fixed In Version | libarchive 3.2.2 | |
| Product Security DevOps Team | 2019-09-29 13:57:05 UTC | Whiteboard | impact=low,public=20160915,reported=20160915,source=oss-security,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=4.8/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L,cwe=CWE-131->CWE-125,rhel-6/libarchive=notaffected,rhel-7/libarchive=wontfix,fedora-all/libarchive=affected,epel-5/libarchive=affected,epel-6/libarchive3=affected |
Back to bug 1377923