Candidate: CVE-2011-1779
PublicDate: 2012-04-13 20:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1779
Description:
 Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 allow
 remote attackers to cause a denial of service (application crash) or
 possibly have unspecified other impact via a crafted (1) TAR archive or (2)
 ISO9660 image.
Ubuntu-Description: 
Notes: 
 mdeslaur> code is different in 2.8.x
Bugs: 
 https://bugzilla.redhat.com/show_bug.cgi?id=705849
Priority: medium
Discovered-by:
Assigned-to: mdeslaur
CVSS: 

Patches_libarchive:
 upstream: http://code.google.com/p/libarchive/source/detail?r=3038
upstream_libarchive: needs-triage
hardy_libarchive: ignored (reached end-of-life)
lucid_libarchive: not-affected (code not present)
maverick_libarchive: not-affected (code not present)
natty_libarchive: not-affected (code not present)
oneiric_libarchive: not-affected (code not present)
devel_libarchive: not-affected (code not present)