[ALSA-2025:14130] Important: libarchive security update
Type:
security
Severity:
important
Release date:
2025-08-20
Description:
The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix(es): * libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c (CVE-2025-5914) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 bsdtar-3.5.3-6.el9_6.aarch64.rpm 31d47e548750182b3bdc4ed68c6f63efa76eeb20afb5da3607ae22883844ba27
aarch64 libarchive-3.5.3-6.el9_6.aarch64.rpm 596d36055ca8f4e205027af61f99c1a6a336b3cb169e14cea90fe1fb4bbafd39
aarch64 libarchive-devel-3.5.3-6.el9_6.aarch64.rpm 66788edbfb6819034a3c5747873367a674e9b5bf644baf7fd95549a7ec71fe98
i686 libarchive-devel-3.5.3-6.el9_6.i686.rpm 78a4ff23930edf5e6ca6d4031ab356262e663f5637882bddb954167acd8ec725
i686 libarchive-3.5.3-6.el9_6.i686.rpm e94cf2e63e7b7a9f3e2396ceeb5b886b13e8f215b9bf224a9981fd766249c038
ppc64le libarchive-3.5.3-6.el9_6.ppc64le.rpm 8daf72eb73ac51bb385c39c7e8ea744f76eda2de0b63c12ae0f595fb963e30b0
ppc64le bsdtar-3.5.3-6.el9_6.ppc64le.rpm ba2cdf7343c948063a19cccbc9b0535a906b04231aadc22b352f18fba9025036
ppc64le libarchive-devel-3.5.3-6.el9_6.ppc64le.rpm fdaab7943ed962d6931e537aa7dd2abd616c3843effea70c837816c71d890ef8
s390x bsdtar-3.5.3-6.el9_6.s390x.rpm 8473d58ee39d231ec9a0cb20b6f54e7b877abf838e7db0890812a663f2b17bf2
s390x libarchive-devel-3.5.3-6.el9_6.s390x.rpm c50b8e6cccc1462c64baf3c8d63ec5d85313fc99cac0303d13146db1defe4aba
s390x libarchive-3.5.3-6.el9_6.s390x.rpm ce91bcb912f4b4de939951425c36f2df8747121639491f4c65c8bb3308a2e30d
x86_64 libarchive-3.5.3-6.el9_6.x86_64.rpm 26a94a1e2983ec109271466380fe4e307dbd97023ca0225961fd40ac2ef030ad
x86_64 bsdtar-3.5.3-6.el9_6.x86_64.rpm 39e1bb8497f4d459146ea547ca33f4a830fe6e429b78a3f077844f907e07745b
x86_64 libarchive-devel-3.5.3-6.el9_6.x86_64.rpm c07c946772d303f02a3f892a1a385871a9d218c71e614550d43f9eae68640416
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.