Commit Graph

14 Commits

Author SHA1 Message Date
Hugo SIMELIERE (Schneider Electric)
5bfb71633f libarchive: Fix CVE-2026-4424
Pick patches from [1] and [2] as mentioned in Debian report in [3].

[1] d379dc0b29
[2] e1907c5832
[3] https://security-tracker.debian.org/tracker/CVE-2026-4424

(From OE-Core rev: 7fa280872275e194152cc2d355ad39c81a477d50)

Signed-off-by: Hugo SIMELIERE (Schneider Electric) <hsimeliere.opensource@witekio.com>
Reviewed-by: Bruno VERNAY <bruno.vernay@se.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-06-10 14:35:20 +01:00
Hitendra Prajapati
5681810cc4 libarchive: fix for CVE-2026-4426
Pick patch from [1] also mentioned at Debian report in [2]

[1] c3cb1c568e
[2] https://security-tracker.debian.org/tracker/CVE-2026-4426

More details: https://nvd.nist.gov/vuln/detail/CVE-2026-4426

(From OE-Core rev: e4e78640b75acb474f82ca9e24be9a1d5b06740b)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-05-12 21:31:34 +01:00
Vijay Anusuri
291a21fbd8 libarchive: Fix CVE-2026-4111
Pick patch according to [1]

[1] https://security-tracker.debian.org/tracker/CVE-2026-4111
[2] https://github.com/libarchive/libarchive/pull/2877
[3] https://access.redhat.com/errata/RHSA-2026:5063

(From OE-Core rev: c938ecea4304a57edb824f121e0ca8f79b45bb7e)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-05-04 13:57:30 +01:00
Peter Marko
b6ea3460e5 libarchive: fix CVE-2025-60753 regression
Pick patch from PR mentioned in v3.8.5 release notes.

(From OE-Core rev: c316c6e50e73a681c22fa03cdb59a0317495a418)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-01-26 09:45:39 +00:00
Peter Marko
e6bfeed8f3 libarchive: patch CVE-2025-60753
Pick patch from [3] marked in [2] mentioned in [1].

[1] https://nvd.nist.gov/vuln/detail/CVE-2025-60753
[2] https://github.com/libarchive/libarchive/issues/2725
[3] https://github.com/libarchive/libarchive/pull/2787

(From OE-Core rev: 1fbd9eddbdf0da062df0510cabff6f6ee33d5752)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-12-01 07:34:55 -08:00
Peter Marko
842fd60ebb libarchive: patch 3.8.3 security issue 2
Pick patch [2] as listed in [1].

[1] https://github.com/libarchive/libarchive/releases/tag/v3.8.3
[2] https://github.com/libarchive/libarchive/pull/2768

(From OE-Core rev: efe032eef7034009f1202985b2036fc79e06bddf)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-12-01 07:34:55 -08:00
Peter Marko
03c1257cfd libarchive: patch 3.8.3 security issue 1
Pick patch [2] as listed in [1].
To apply it cleanly, add two additional patches from branch patch/3.8.

[1] https://github.com/libarchive/libarchive/releases/tag/v3.8.3
[2] https://github.com/libarchive/libarchive/pull/2753

(From OE-Core rev: 11f782c1ae9962a2faa98bff3566e49fbf6db017)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-12-01 07:34:55 -08:00
Peter Marko
5368900445 libarchive: patch regression of patch for CVE-2025-5918
Picked commit per [1].

[1] https://security-tracker.debian.org/tracker/CVE-2025-5918

(From OE-Core rev: d2b8d2f7d579779a9effcff677960dbc576b1cc8)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-09-01 08:30:56 -07:00
Divya Chellam
37be814fb2 libarchive: fix CVE-2025-5918
A vulnerability has been identified in the libarchive library. This flaw can be triggered whe
n file streams are piped into bsdtar, potentially allowing for reading past the end of the fi
le. This out-of-bounds read can lead to unintended consequences, including unpredictable prog
ram behavior, memory corruption, or a denial-of-service condition.

CVE-2025-5918-0001 is the dependent commit and CVE-2025-5918-0002 is the actual CVE fix.

Reference:
https://security-tracker.debian.org/tracker/CVE-2025-5918

Upstream-patches:
89b8c35ff4
dcbf1e0ede

(From OE-Core rev: 369c164a163b2c7f15ee5fc41130be9feaf7245e)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-07-09 08:43:32 -07:00
Divya Chellam
3c2bbf4a1c libarchive: fix CVE-2025-5917
A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-
one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-
byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, lea
ding to unpredictable program behavior, crashes, or in specific circumstances, could be lever
aged as a building block for more sophisticated exploitation.

Reference:
https://security-tracker.debian.org/tracker/CVE-2025-5917

Upstream-patch:
7c02cde37a

(From OE-Core rev: 2b6832b05bab414df1da7c74a0c6a5e5a9d75b29)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-07-09 08:43:32 -07:00
Divya Chellam
0bccc5ec85 libarchive: fix CVE-2025-5916
A vulnerability has been identified in the libarchive library. This flaw
involves an integer overflow that can be triggered when processing a Web
Archive (WARC) file that claims to have more than INT64_MAX - 4 content
bytes. An attacker could craft a malicious WARC archive to induce this
overflow, potentially leading to unpredictable program behavior, memory
corruption, or a denial-of-service condition within applications that
process such archives using libarchive.

Reference:
https://security-tracker.debian.org/tracker/CVE-2025-5916

Upstream-patch:
ef09372952

(From OE-Core rev: 9c74d3a096fed68d173f8711b373a42f158d6cc7)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-07-09 08:43:32 -07:00
Divya Chellam
0f2564b7c0 libarchive: fix CVE-2025-5915
A vulnerability has been identified in the libarchive library. This flaw can lead to a heap b
uffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer
-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memo
ry buffer, which can result in unpredictable program behavior, crashes (denial of service), o
r the disclosure of sensitive information from adjacent memory regions.

Reference:
https://security-tracker.debian.org/tracker/CVE-2025-5915

Upstream-patches:
a612bf62f8

(From OE-Core rev: 99fdc86ad57db4d8829a33033918cf78419977af)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-07-09 08:43:32 -07:00
Divya Chellam
28f102461a libarchive: fix CVE-2025-5914
A vulnerability has been identified in the libarchive library, specifically within the archiv
e_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultim
ately lead to a double-free condition. Exploiting a double-free vulnerability can result in m
emory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service
condition.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-5914

Upstream-patch:
09685126fc

(From OE-Core rev: b7d8249bda296620a5bbf592f4cdf566b4537563)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-07-09 08:43:32 -07:00
Peter Marko
06d60d3877 libarchive: upgrade 3.7.4 -> 3.7.9
These is update with only bug and security releases.
On top of previous CVE patches, also CVE-2024-48615 is handled.
Also many security fixes without CVE assigment are included.

Note that upgrade to 3.7.5 on master required fix of test in
python3-libarchive-c, however that recipe does not yet have ptest in
scarthgap and the fix was in test only, not in productive code, so it is
not necessary in scarthgap.

Also remove CVE_STATUS which was obsolete already before this upgrade.

(From OE-Core rev: f20516a3ed8a39d7e4deddf11dd2acd871894048)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-04-19 14:42:10 -07:00