[ALSA-2025:14135] Important: libarchive security update
Type:
security
Severity:
important
Release date:
2025-08-21
Description:
The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): * libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c (CVE-2025-5914) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 libarchive-devel-3.3.3-6.el8_10.aarch64.rpm 017faa4aac7556f514fb65ed0d2b58c07437374eb52e90497877b687530d03f3
aarch64 libarchive-3.3.3-6.el8_10.aarch64.rpm 0778a3c70b982b2269c197d550352a8351a394b1e111606533c9ec9744f08966
aarch64 bsdtar-3.3.3-6.el8_10.aarch64.rpm 9a5bdb2830f1c1642ee1d04e9e1d1456526d6ac5958c941a23ca292f674cacdb
i686 libarchive-devel-3.3.3-6.el8_10.i686.rpm 648015b0357940adcddca76069643f72c3c284a7897cb96db63f8afc9d4fc38f
i686 libarchive-3.3.3-6.el8_10.i686.rpm a0bf684736b70317d4e04a570d497575810a876aa68a4071b3b421e8eb6d5ef0
ppc64le libarchive-3.3.3-6.el8_10.ppc64le.rpm 0880876f55910da1b6ab7ada13ca2e10c83fcfeae78e2c641defc9b003eccca1
ppc64le libarchive-devel-3.3.3-6.el8_10.ppc64le.rpm dff8b1938493f542f2666637048983d622458404c81a8755c4b2c5744a38f954
ppc64le bsdtar-3.3.3-6.el8_10.ppc64le.rpm fed855e1b0face5364d3221383a5264383fe89b4ffbd74b62211aeecde42c1de
s390x libarchive-3.3.3-6.el8_10.s390x.rpm c0bf197c94ae9c4cebddcde841b76d9c4bcd94643590a5f7dfef0f688409b2fd
s390x libarchive-devel-3.3.3-6.el8_10.s390x.rpm e4135c14b76d8fe86889cfe73a9758aa583c90839f77bed96d3836f557ba86a9
s390x bsdtar-3.3.3-6.el8_10.s390x.rpm f6e29d2e51dcec1bc50f404a2b3f33797f1c3292e8a296db91f43739cd9211d4
x86_64 libarchive-devel-3.3.3-6.el8_10.x86_64.rpm 202db29f99d3797f57f84904189e742475450365a08f329d42d51f3f98a1be08
x86_64 bsdtar-3.3.3-6.el8_10.x86_64.rpm cad7d7b768a8583fa511cb64ddb2c457087398590fc53e12773136cbd4df73bc
x86_64 libarchive-3.3.3-6.el8_10.x86_64.rpm e84689cd67cb516e05661298cd138dba09da48ddc30e897a1966d454563ac932
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.