SUSE-SU-2024:2171-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2024:2171-1

UNKNOWN

Security update for libarchive

Published Jun 22, 2024

Modified 1 years ago

Fix available

Details

This update for libarchive fixes the following issues:

CVE-2024-20696: Fixed heap based out-of-bounds write (bsc#1225971).

Affected Packages

bsdtar

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise Module for Development Tools 15 SP5SUSE Linux Enterprise Server 15 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP4

Fixed in:

3.5.1-150400.3.15.1

libarchive

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise Micro 5.3SUSE Linux Enterprise Micro 5.4SUSE Linux Enterprise Micro 5.5

Fixed in:

3.5.1-150400.3.15.1

libarchive-devel

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise Module for Basesystem 15 SP5SUSE Linux Enterprise Server 15 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP4

Fixed in:

3.5.1-150400.3.15.1

libarchive13

Fixed in:

3.5.1-150400.3.15.1

libarchive13-32bit

openSUSE Leap 15.5

Fixed in:

3.5.1-150400.3.15.1

References

REPORT

https://bugzilla.suse.com/1225971