ALSA-2025:7510

[ALSA-2025:7510] Moderate: libarchive security update

Type:

security

Severity:

moderate

Release date:

2025-07-02

Description:

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers.  

Security Fix(es):  

  * libarchive: heap buffer over-read in header_gnu_longlink (CVE-2024-57970)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	bsdtar-3.7.7-2.el10_0.aarch64.rpm	405653eecba10ec26dfa7c792d09e4ed9b2b834991310068157a6dadd0acce6c
aarch64	libarchive-3.7.7-2.el10_0.aarch64.rpm	5098d4f3ba1a5c64a23781fd74944f44d6a80ace847b06ff349c92dacc62df46
aarch64	libarchive-devel-3.7.7-2.el10_0.aarch64.rpm	9450ec95c41833750a8805abd8a52a63e20a943f2239de3f36d59af08deeb4c6
ppc64le	libarchive-devel-3.7.7-2.el10_0.ppc64le.rpm	09bc51cd867053ad0b00af0d8f68966667ea9b3b5054c0cec653e970ff605c1d
ppc64le	libarchive-3.7.7-2.el10_0.ppc64le.rpm	47e6ac604b840d069055e486299a1906be01721343c04a325d1a4681153562d6
ppc64le	bsdtar-3.7.7-2.el10_0.ppc64le.rpm	5ba75cadc649006d47d2aa780a060ea9a5bd9abbd61eb16dd20895439d143e1b
s390x	bsdtar-3.7.7-2.el10_0.s390x.rpm	1fcf2cf0518d6bb0ebfb03758f36c65b90d57aa1c7b0910c43a167231c7dedc7
s390x	libarchive-devel-3.7.7-2.el10_0.s390x.rpm	42d9bb5e4220e266f0eac9571b0bd22974d6f53fbf46d567491d8221d1fe9a86
s390x	libarchive-3.7.7-2.el10_0.s390x.rpm	9d8519e89dba282b8aad2c9d7a194e335481049eda2bbc0a3261b579ba0df86a
x86_64	libarchive-3.7.7-2.el10_0.x86_64.rpm	cf03b6fc456742c2bd591a85cee7d23350662082bb79509f3817b729c3279e23
x86_64	libarchive-devel-3.7.7-2.el10_0.x86_64.rpm	d68bfaf5a1bd3365999e8da04841b86bae353777f8dcc2f437b838ccd69068fd
x86_64	bsdtar-3.7.7-2.el10_0.x86_64.rpm	ff2bf582e21a16b02bf716f584065fc41a37aaa849648e2b83949499401533f4
x86_64_v2	bsdtar-3.7.7-2.el10_0.x86_64_v2.rpm	49c35605eaed938c431b236d3be99c77c80353937980da92ec085d679f3e9525
x86_64_v2	libarchive-devel-3.7.7-2.el10_0.x86_64_v2.rpm	64e647839390a78e6f3a0224bfee6c26356b7ed9a5a174ba9b0799c37bd52553
x86_64_v2	libarchive-3.7.7-2.el10_0.x86_64_v2.rpm	ed613ae73c329a1f56a6d8bc5b698c051fc90310db939bfa63095658fbb7989b

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.