[ALSA-2025:7524] Important: xz security update
Type:
security
Severity:
important
Release date:
2025-05-29
Description:
XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fix(es): * xz: XZ has a heap-use-after-free bug in threaded .xz decoder (CVE-2025-31115) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 xz-5.6.2-4.el10_0.aarch64.rpm 023389fab7fef4e28002a18562da52e029daab2ef5e356180b0fe6142a3ec024
aarch64 xz-lzma-compat-5.6.2-4.el10_0.aarch64.rpm 0d4948b7147255434a079c3508fe9725b158e483acd336b05e95d99a7a6268c6
aarch64 xz-libs-5.6.2-4.el10_0.aarch64.rpm 2b69ce283d825b3b99a888ee4e417dce967102eb80bdbf757c7506aa2e441651
aarch64 xz-devel-5.6.2-4.el10_0.aarch64.rpm f6b9843c41fc22d0993e1136bab576b0deca0a823bc1f2c4672c2be9c785ba6d
ppc64le xz-devel-5.6.2-4.el10_0.ppc64le.rpm 212b578596eefc6f25184a8d748d936be67d65014c9eb4ce477e939d0410f4f8
ppc64le xz-lzma-compat-5.6.2-4.el10_0.ppc64le.rpm 7b6168a508747ec65a23c3f7dc60db5bf8a26b62143a2d9f216f01bec3c298ef
ppc64le xz-libs-5.6.2-4.el10_0.ppc64le.rpm cafac0ded33fee2d497f0d6f0a2c37483021a4c911e3a0741aaa712a1ee6012d
ppc64le xz-5.6.2-4.el10_0.ppc64le.rpm e1adaa240e20f429314c6afb6b8d53b2dc2ac3cda2fe2936234a1fae0b8bd949
s390x xz-libs-5.6.2-4.el10_0.s390x.rpm 0315a20d525fcf25bcf52ac062a02946c13227722e0b3034490d56a99c8c037f
s390x xz-lzma-compat-5.6.2-4.el10_0.s390x.rpm 080f13126742fbda10672dbf7b29693ec452f3b41c9ba90956552dde6cffe774
s390x xz-5.6.2-4.el10_0.s390x.rpm 9e790abd15dff435349de8b7eea92297043e06ca63a96d94d38c098a43ff2b25
s390x xz-devel-5.6.2-4.el10_0.s390x.rpm c0c64d2d2e7eab621f4c2c40f110dfbf01aac00cc5b979d990ce6cc9cbda6c13
x86_64 xz-devel-5.6.2-4.el10_0.x86_64.rpm 131da966c72950c50d101a0958e35faaf4746e039691a93a1e84dc955c1470fc
x86_64 xz-libs-5.6.2-4.el10_0.x86_64.rpm 371d79dae3790ad776f91888f2b5065eefa36d2265b0e2b103890ee2be0781f0
x86_64 xz-5.6.2-4.el10_0.x86_64.rpm 5bc8b695fe3e486000dc0be7a1b3484754e705f0a3522c07269d460d96f1b926
x86_64 xz-lzma-compat-5.6.2-4.el10_0.x86_64.rpm 98be69774ca09ea3451ae04d754ca462e695dadd7464bf2e3d8360622bcde290
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.