[zeus] libarchive: CVE-2020-21674

X-Account-Key: account1
X-UIDL: GmailId1754013cff90f7d9
X-Mozilla-Status: 0000
X-Mozilla-Status2: 00000000
X-Mozilla-Keys: 
Delivered-To: mhalstead@linuxfoundation.org
Received: by 2002:a05:7000:9b01:0:0:0:0 with SMTP id a1csp3393314max;
	Mon, 19 Oct 2020 01:57:21 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzspgvr4lXyi75yvp7fmPEJQvMK29kECGKhR4BkTRNQIiW2nTQMihj1TZ/OJumxXUhtvnAG
X-Received: by 2002:a17:902:eed4:b029:d5:ebe3:fc29 with SMTP id
	h20-20020a170902eed4b02900d5ebe3fc29mr1021487plb.20.1603097841635;
	Mon, 19 Oct 2020 01:57:21 -0700 (PDT)
Return-Path: <bounce+67612+143576+1003190+8014325@lists.openembedded.org>
Received: from web01.groups.io (web01.groups.io. [66.175.222.12])
	by mx.google.com with ESMTPS id
	d8si10875041plj.186.2020.10.19.01.57.21
	for <mhalstead@linuxfoundation.org>
	(version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
	Mon, 19 Oct 2020 01:57:21 -0700 (PDT)
Received-SPF: pass (google.com: domain of
	bounce+67612+143576+1003190+8014325@lists.openembedded.org
	designates 66.175.222.12 as permitted sender)
	client-ip=66.175.222.12; 
Authentication-Results: mx.google.com;
	dkim=pass header.i=@lists.openembedded.org header.s=20140610
	header.b=FnszskZm; arc=fail (body hash mismatch);
	spf=pass (google.com: domain of
	bounce+67612+143576+1003190+8014325@lists.openembedded.org
	designates 66.175.222.12 as permitted sender)
	smtp.mailfrom=bounce+67612+143576+1003190+8014325@lists.openembedded.org
X-Received: by 127.0.0.2 with SMTP id 3PwLYY1004525xFkNNE6AteJ;
	Mon, 19 Oct 2020 01:57:21 -0700
X-Received: from NAM11-BN8-obe.outbound.protection.outlook.com
	(NAM11-BN8-obe.outbound.protection.outlook.com [40.107.236.54])
	by mx.groups.io with SMTP id smtpd.web09.9631.1603097839936768350
	for <openembedded-core@lists.openembedded.org>;
	Mon, 19 Oct 2020 01:57:20 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
	b=XK34wwa+gb98SqNPqJmXYyud3d2ZzWty207nVrE32Loij/3fiY0gjCq0fb/32rhk27fdE0O/zwPxiFSRydtTzCgJp7fEKs9k4X3v4eVnz8Vkz/vLQ3b3np21TlFqbBs7IN4RHgdHc/GDisNtfhZTDHvHi7NF5U5GMkJuUOtgmV/fBt8JyGlprezKNJUED4ZJKeyERkcjgyhAQtOUk9yZZZMnKTDT8044kEjQLnwZvZUE829OxiYJUkRcft5k5GaevlFqBWlrrzwxjs13yz6AvMq9hxrqO4uSqkqdrFf7+zK/GFBpESKF5SVGhRUZFfYS2t2nPzeeT8F+7Z032blpcA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
	s=arcselector9901;
	h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
	bh=y/J0UpxVlEuEwdTdDO/Tmc3qwPnWD20gLWwH5l7hwKI=;
	b=fJfxOtoasZdLOPCRYu/OQZ3/HLhjBkylyK0uqYcwaE03W16h4OEC8AlHgBiMyF4/K8gCGrlJ+CbZc6DUok4hAj9tuQ1oO3NhJ3FeRjzbol88z5TnqJ3hM1J/tsf44M4qiVfG2uJDbA1bkHkmbEEGRNkqBnjnZuYcPe2gJZRWa5KxD+bIsrRXpD9cERotwUSH7q/U3r9QQ3vM7j66iTqHvp+4+54R5FVsnSAv6xtncRvaZqDaTbZAsB6iISBVMYbN+rQvY6WrOz0vfHVqTclPG5Pq7ZOr4OaO4DAMQcEVlyM1VI80xm2TuF+SkDgwjztKjoW5f1Q+8qnV2P+Uv5brEQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
	smtp.mailfrom=windriver.com; dmarc=pass action=none
	header.from=windriver.com; dkim=pass header.d=windriver.com; arc=none
X-Received: from DM6PR11MB3595.namprd11.prod.outlook.com
	(2603:10b6:5:142::16)
	by DM5PR11MB2010.namprd11.prod.outlook.com (2603:10b6:3:12::21) with
	Microsoft SMTP Server (version=TLS1_2,
	cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3477.24;
	Mon, 19 Oct 2020 08:57:18 +0000
X-Received: from DM6PR11MB3595.namprd11.prod.outlook.com
	([fe80::54c6:c8e4:c594:eada]) by
	DM6PR11MB3595.namprd11.prod.outlook.com
	([fe80::54c6:c8e4:c594:eada%6]) with mapi id 15.20.3477.028;
	Mon, 19 Oct 2020 08:57:18 +0000
To: openembedded-core@lists.openembedded.org
From: "Li Wang" <li.wang@windriver.com>
Subject: [OE-core][zeus][PATCH] libarchive: CVE-2020-21674
Message-ID: <cbdaf5a8-7b27-5289-3687-4fb826a85ea4@windriver.com>
Date: Mon, 19 Oct 2020 16:57:11 +0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101
	Thunderbird/68.12.1
X-Originating-IP: [60.247.85.82]
X-ClientProxiedBy: HK2PR03CA0062.apcprd03.prod.outlook.com
	(2603:1096:202:17::32) To DM6PR11MB3595.namprd11.prod.outlook.com
	(2603:10b6:5:142::16)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-Received: from [128.224.162.148] (60.247.85.82) by
	HK2PR03CA0062.apcprd03.prod.outlook.com
	(2603:1096:202:17::32) with Microsoft SMTP Server
	(version=TLS1_2,
	cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3499.9
	via Frontend Transport; Mon, 19 Oct 2020 08:57:16 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 90581354-8fde-41ba-7883-08d8740cfb41
X-MS-TrafficTypeDiagnostic: DM5PR11MB2010:
X-Microsoft-Antispam-PRVS: <DM5PR11MB2010241EF7DB85D6555016BAEF1E0@DM5PR11MB2010.namprd11.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:85;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: zsgGoOGzEVhjtgtu1ygPmCwEUiXitOceKggJ+rHOCxjSQl6aZ02bsJpaXD99zJ726eBWEZXtn6lnfaUWeaOysBxHXFCHoTJqepMoEETTJ582boLfs1w40p/l76qJtn9tRFyK3PMc7ef815EbAVcGa8iObRiB37FyU94e+24+j+2KyHNmsU7fHwhe1r0QgogK3eppG7a8ZTRUaL5R+0eySFXClTx3NfcMfXmyf4jc2ESyQeC67XhQVVEXEFXIE+OBHaIoBRgguspBzW+tMlpm1p/MyhjeQU5gFHMXuip+tKcqCNdErliTeDKXJvro7dR1WPvnaqeDpUmQo6Bg8/DoIFP1ph0iFCvxWpyffjpiAxbWc3I21wguB6jm5QZ4vgCgP9fyTwvYA4gvvM4NlOKoqDDiLJeDpDUl+LS13/0JBE0zsOf2ESyaruBEXpliFJZpAf15BgTvoYdL4lVI8R9a78Jm0ZGqxPqfD3Lv+ci3QIw=
X-MS-Exchange-AntiSpam-MessageData: 1pAPOFYGGmTRaicxNXcqdcZymiiSj1DgFgBoDOi26BUzOZochFf8nugOHtkFQS8DIXfCGanMS3CRvYr28JDg6yNdRtiU0yaLz5uv0HFnVqodXZV9uWejc1LY64FBmlUfEO72jqkQxdMj38GQxU7y/gafFAdgxd81Q06j4Malk9Vwh7x0x6NaquE0UTUhriLFESKMgvh33Jme5c6Y+Nrsbso7z9L/tT0E9L34bpLYqS9Uzqtmq4n9cmkWGXf7hYTL3hi9pQMIUrm2xWk/O1hDcmPKkgtYdGTTUYWaYwMYZ9g9I5bP9opGQy7qujqENZBoxE6VynwKOrqSBqc5emkjZj9FnJQk7IuNuMoK9CqrNOsNYqiLw25oHPToORynhKgppstnZve5657xVSQl1bRJcT6pxAvUzfjItVNQX7EotZdM4Oj6xOiobRTW2SmLv48TZ0xTcyORT69+LyVzNMCX9zM9CB86vgLPeOzz5N0bHzOQXjP/OC06C8Nq9OycHaVcwf4aZr0HqkfIxFXU6UC+P7PVkLKPDG4lyhpc/0jn4pcv0Ag5ATx2PEoVR8l40Ti3vLFuSf1HDOQIBdzuQvK3o7YWYnCJsaCzWpTKf+kkAIkITumkSneVCIPEgg788vvLU+qHUU4Qp6v3eQfjxxVyWA==
X-OriginatorOrg: windriver.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 90581354-8fde-41ba-7883-08d8740cfb41
X-MS-Exchange-CrossTenant-AuthSource: DM6PR11MB3595.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Oct 2020 08:57:18.1134
	(UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 8ddb2873-a1ad-4a18-ae4e-4644631433be
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 5MdFbgSkIarGEeF0zs+smdktfFfKRAah1Vr6hrntCd36E/YCjC1lDsPmHZKWgU5Bgbs8uCU8sKH231kZBcZRCw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR11MB2010
Precedence: Bulk
List-Unsubscribe: <https://lists.openembedded.org/g/openembedded-core/unsub>
Sender: openembedded-core@lists.openembedded.org
List-Id: <openembedded-core.lists.openembedded.org>
Mailing-List: list openembedded-core@lists.openembedded.org;
	contact openembedded-core+owner@lists.openembedded.org
Delivered-To: mailing list openembedded-core@lists.openembedded.org
List-Post: <mailto:openembedded-core@lists.openembedded.org>
X-Gm-Message-State: 8CwCocwAOpBQvWvK4f3tUzjyx1003190AA=
Content-Type: multipart/mixed; boundary="fsdwBGv145oEZlnIvHhy"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
	d=lists.openembedded.org; q=dns/txt; s=20140610; t=1603097841;
	bh=Q2Zglsl2S5l7jR7dzOqezBMix+g69tObWD1N0RQOqxw=;
	h=Content-Type:Date:From:Subject:To;
	b=FnszskZmeA2lyM4u0hSoptRC22JQW3BelbCmVIskJj+zMqxew6klP72DhrO8SS63R2A
	P1HSv1AkM+Mnkf+KI2c9lbwf+cmVwtYgNsVwRPBAYiYPCkQi3cxnyoUAdWQYHvsWxsO9I
	mkOpeQh2lKiL49W9jLbYmJ5rPG2lauevN/E=