Xar Project ≫ Xar

libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c.

libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c.