Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 40: 2024-cbb72aad83 Critical: Libarchive Buffer Overflow

fedora
Calendar Grey June 2, 2024
Dist Fedora Esm H88
The Fedora 40 release features an important update to Libarchive, addressing a severe buffer overflow issue discovered in the rar e8 filter component.
Automatic update for libarchive-3.7.2-4.fc40.

Summary

Libarchive is a programming library that can create and read several different

streaming archive formats, including most popular tar variants, several cpio

formats, and both BSD and GNU ar variants. It can also write shar archives and

read ISO9660 CDROM images and ZIP archives.

Update Information:

Automatic update for libarchive-3.7.2-4.fc40.

Topics%20covered

Topics Covered

security advisory fedora buffer overflow critical archive library

Change Log

* Mon May 27 2024 Lukas Javorsky - 3.7.2-4 - Fix for CVE-2024-26256

References


[ 1 ] Bug #2282527 - CVE-2024-26256 libarchive: Heap based buffer overflow in rar e8 filter [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2282527

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-cbb72aad83' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: libarchive
Product: Fedora 40
Version: 3.7.2
Release: 4.fc40
URL: https://www.libarchive.org/
Summary: A library for handling streaming archive formats

Topics%20covered

Topics Covered

security advisory fedora buffer overflow critical archive library

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here