|Related CVEs||CVE-2017-14501 CVE-2017-14502 CVE-2017-14503|
Several security vulnerabilities were found in libarchive, a multi-format archive and compression library. Heap-based buffer over-reads, NULL pointer dereferences and out-of-bounds reads allow remote attackers to cause a denial-of-service (application crash) via specially crafted archive files.
For Debian 7 Wheezy, these problems have been fixed in version 3.0.4-3+wheezy6+deb7u2.
We recommend that you upgrade your libarchive packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.