A vulnerability has been found and corrected in libarchive: Fabian Yamaguchi reported a read buffer overflow flaw in libarchive on 64-bit systems where sizeof is equal to 8. In the archive_write_zip_data function in libarchive/ archive_write_set_format_zip.c, the "s" parameter is of type size_t and is cast to a 64 bit signed integer. If "s" is larger than MAX_INT, it will not be set to "zip->remaining_data_bytes" even though it is larger than "zip->remaining_data_bytes", which leads to a buffer overflow when calling deflate. This can lead to a segfault in an application that uses libarchive to create ZIP archives . The updated packages have been patched to correct this issue.