Fedora 43 perl-Archive-Tar Important Path Traversal CVE-2026-42496 Advisory
fedora
June 18, 2026
Fixed CVE-2026-42496 - Path traversal via crafted symlinks allows arbitrary file access Backported from 3.08
Summary
Archive::Tar provides an object oriented mechanism for handling tar
files. It provides class methods for quick and easy files handling
while also allowing for the creation of tar file objects for custom
manipulation. If you have the IO::Zlib module installed, Archive::Tar
will also support compressed or gzipped tar files.
Update Information:
Fixed CVE-2026-42496 - Path traversal via crafted symlinks allows arbitrary file access Backported from 3.08
Change Log
* Wed Jun 3 2026 Jitka Plesnikova
References
[ 1 ] Bug #2484320 - CVE-2026-42496 perl-Archive-Tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2484320
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6988e8f652' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Name: perl-Archive-Tar
Product: Fedora 43
Version: 3.04
Release: 522.fc43
Summary: A module for Perl manipulation of .tar files
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!