{"id":"RHSA-2016:1844","summary":"Red Hat Security Advisory: libarchive security update","modified":"2026-03-11T07:07:55.122304Z","published":"2024-09-15T23:36:32Z","upstream":["CVE-2015-8916","CVE-2015-8917","CVE-2015-8919","CVE-2015-8920","CVE-2015-8921","CVE-2015-8922","CVE-2015-8923","CVE-2015-8924","CVE-2015-8925","CVE-2015-8926","CVE-2015-8928","CVE-2015-8930","CVE-2015-8931","CVE-2015-8932","CVE-2015-8934","CVE-2016-1541","CVE-2016-4300","CVE-2016-4302","CVE-2016-4809","CVE-2016-5418","CVE-2016-5844","CVE-2016-6250","CVE-2016-7166"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2016:1844"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1334211"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1347084"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1347085"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1347086"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348412"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348413"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348414"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348416"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348419"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348421"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348423"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348424"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348429"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348439"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348444"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348772"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348773"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348779"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348780"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1349204"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1349229"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1350280"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1362601"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_1844.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-8916"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-8916"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8916"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-8917"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-8917"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8917"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-8919"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-8919"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8919"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-8920"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-8920"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8920"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-8921"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-8921"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8921"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-8922"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-8922"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8922"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-8923"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-8923"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8923"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-8924"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-8924"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8924"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-8925"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-8925"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8925"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-8926"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-8926"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8926"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-8928"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-8928"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8928"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-8930"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-8930"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8930"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-8931"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-8931"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8931"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-8932"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-8932"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8932"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-8934"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-8934"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8934"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-1541"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-1541"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1541"},{"type":"ARTICLE","url":"http://www.kb.cert.org/vuls/id/862384"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-4300"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-4300"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4300"},{"type":"ARTICLE","url":"http://www.talosintel.com/reports/TALOS-2016-0152/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-4302"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-4302"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4302"},{"type":"ARTICLE","url":"http://www.talosintel.com/reports/TALOS-2016-0154/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-4809"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-4809"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4809"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-5418"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-5418"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5418"},{"type":"ARTICLE","url":"http://seclists.org/oss-sec/2016/q3/255"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-5844"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-5844"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5844"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-6250"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-6250"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-6250"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-7166"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-7166"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7166"}],"affected":[{"package":{"name":"bsdcpio","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/bsdcpio"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"bsdtar","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/bsdtar"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"libarchive","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/libarchive"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"libarchive-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/libarchive-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"libarchive-devel","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/libarchive-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"bsdcpio","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/bsdcpio"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"bsdtar","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/bsdtar"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"libarchive","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/libarchive"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"libarchive-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/libarchive-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"libarchive-devel","ecosystem":"Red Hat:enterprise_linux:7::computenode","purl":"pkg:rpm/redhat/libarchive-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"bsdcpio","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/bsdcpio"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"bsdtar","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/bsdtar"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"libarchive","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/libarchive"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"libarchive-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/libarchive-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"libarchive-devel","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/libarchive-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"bsdcpio","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/bsdcpio"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"bsdtar","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/bsdtar"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"libarchive","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/libarchive"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"libarchive-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/libarchive-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}},{"package":{"name":"libarchive-devel","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/libarchive-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.2-10.el7_2"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:1844.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L"}]}