1
PublicDateAtUSN: 2011-12-02
2
Candidate: CVE-2011-1777
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1777
6
https://usn.ubuntu.com/usn/usn-1310-1
8
Multiple buffer overflows in the (1) heap_add_entry and (2) relocate_dir
9
functions in archive_read_support_format_iso9660.c in libarchive through
10
2.8.5 allow remote attackers to cause a denial of service (application
11
crash) or possibly execute arbitrary code via a crafted ISO9660 image.
15
https://bugzilla.redhat.com/show_bug.cgi?id=705849
21
upstream: http://code.google.com/p/libarchive/source/detail?r=3158
22
upstream_libarchive: needs-triage
23
hardy_libarchive: ignored (reached end-of-life)
24
lucid_libarchive: released (2.8.0-2ubuntu0.1)
25
maverick_libarchive: released (2.8.4-1ubuntu0.10.10.1)
26
natty_libarchive: released (2.8.4-1ubuntu0.11.04.1)
27
oneiric_libarchive: released (2.8.4-1ubuntu0.11.10.1)
28
devel_libarchive: released (2.8.5-3ubuntu1)