FreeBSD Security Advisory - An integer signedness error in the archive_write_zip_data() function in archive_write_set_format_zip.c in libarchive(2) could lead to a buffer overflow on 64-bit machines. An attacker who can provide input of their choice for creating a ZIP archive can cause a buffer overflow in libarchive(2) that results in a core dump or possibly execution of arbitrary code provided by the attacker. Continue reading...
