The archive_wstring_append_from_mbs function in archive_string.c in libarchive allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file. Upstream bug: https://github.com/libarchive/libarchive/issues/842 Upstream patch: https://github.com/libarchive/libarchive/commit/e8a9de5eaf3b79fc3d990d056343bb52c51c5ba4
Created libarchive tracking bugs for this issue: Affects: fedora-all [bug 1439705] Created libarchive3 tracking bugs for this issue: Affects: epel-6 [bug 1439704]
In reply to comment #0: > Upstream patch: > > https://github.com/libarchive/libarchive/commit/e8a9de5eaf3b79fc3d990d056343bb52c51c5ba4 This is not a patch fixing this problem, this was only indicated in the upstream bug as version that is no longer affected. This has been fixed in an earlier commit, the following is indicated in the upstream bug: https://github.com/libarchive/libarchive/commit/42a3408ac7df1e69bea9ea12b72e14f59f7400c0