[ALSA-2026:8492] Important: libarchive security update
Type:
security
Severity:
important
Release date:
2026-04-17
Description:
The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): * libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing (CVE-2026-4424) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 bsdtar-3.7.7-8.el10_1.aarch64.rpm 3de6d25003647af5158e4b2141123851c9500812cbeac21eeedb73f086944c3c
aarch64 libarchive-devel-3.7.7-8.el10_1.aarch64.rpm 4539d3e970bde7bcb1d6260a3a0da0673825cbb31c1bcda3ed5c359455e63deb
aarch64 libarchive-3.7.7-8.el10_1.aarch64.rpm 99dd164af000cdf0f6ea7f6a09f400948f8a23d229452d55360426cdc7b6feda
ppc64le libarchive-devel-3.7.7-8.el10_1.ppc64le.rpm 9bcd7e2d6f7d0f90aa761b2040ab470cd1342700735560abaaa94dc12049a2df
ppc64le bsdtar-3.7.7-8.el10_1.ppc64le.rpm 9f91622ca1c0f166a81440697773d5d11e016768600661a7b463a912cf616ae3
ppc64le libarchive-3.7.7-8.el10_1.ppc64le.rpm e7b5e3a93174f8e7b45a880b3a143c1fc43b4b448d8de92ffd4ffa9e695340e0
s390x libarchive-3.7.7-8.el10_1.s390x.rpm 1f7bb63f9a845c3b144a48b9ca6d6f5c189e19d6b8de3feba870e3e4b10018de
s390x bsdtar-3.7.7-8.el10_1.s390x.rpm 89a25400a0c4c9d0ac3f68af87bdd927b6e3c03a341137e59006a23578821bf8
s390x libarchive-devel-3.7.7-8.el10_1.s390x.rpm 928b58dbda8590dd5a7f037e1f910f797ec4183d5aeade27da9f880d3a2a84a4
x86_64 bsdtar-3.7.7-8.el10_1.x86_64.rpm 4a59bfca300198c3848ba89c1e793d097b154871ccd8b8a44920f85d28ec6a10
x86_64 libarchive-3.7.7-8.el10_1.x86_64.rpm 5bf11dce5314321650c4a654d06f6dac720101ba890b34548519e5e869b5ad69
x86_64 libarchive-devel-3.7.7-8.el10_1.x86_64.rpm 6af7663271afab90b986d3d60426abe8090f03b1b0d78c2fa3636b7810d575cd
x86_64_v2 bsdtar-3.7.7-8.el10_1.x86_64_v2.rpm 6f1c6757ee3d565aa2e787a7f8bc8036329afc900c23f8ef1809f3f9503632d9
x86_64_v2 libarchive-devel-3.7.7-8.el10_1.x86_64_v2.rpm c9c0228e4869abea156de797b72c1c2ab6c8d25158f61279d58491fa166e4f7f
x86_64_v2 libarchive-3.7.7-8.el10_1.x86_64_v2.rpm f0ee10ca7ca8d9bcd0d3f41ec1df699d790bb569ff68ca3ca2d40ac11d329dd3
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.