Cisco Talos has worked with the maintainers of libarchive to patch three rather severe bugs in the library. Release 3.2.1 of Libarchive addresses these issues, and Splunk has released patches. Talos urges all users to patch/upgrade related, vulnerable software. Vulnerabilities discovered by Marcin Icewall Noga and Jaeson Schultz. The vulnerabilities were discovered in the 7-Zip support format module of the libarchive.cisco Talos released a video demonstrating how flaws in libarchive can be exploited.”]
Source: https://blog.talosintelligence.com/2016/06/the-poisoned-archives.html