CLSA-2025-1766232351 libarchive: Fix of 3 CVEs

CVE-2025-5916: fix signed integer overflow in WARC format reader - CVE-2025-5917: fix buffer overflow in buildustarentry for PAX format - CVE-2025-5918: prevent skipping past EOF in archive file reading...

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

CLSA-2025-1766232861 delve: Fix of CVE-2025-58183

rebuild with golang 1.25.3-1 to fix CVE-2025-58183 fix unbounded memory consumption when reading GNU pax 1.0 sparse files - fix failing tests for golang 1.25...

Security update for libarchive

This update for libarchive fixes the following issues: CVE-2025-5914: Fixed double free due to an integer overflow in the archivereadformatrarseekdata function bsc1244272 CVE-2025-5915: Fixed heap buffer over read in copyfromlzsswindow at archivereadsupportformatrar.c bsc1244273 CVE-2025-5916:...

Security update for libarchive

This update for libarchive fixes the following issues: CVE-2025-5914: Fixed double free due to an integer overflow in the archivereadformatrarseekdata function bsc1244272 CVE-2025-5915: Fixed heap buffer over read in copyfromlzsswindow at archivereadsupportformatrar.c bsc1244273 CVE-2025-5916:...

libarchive does not properly terminate loop

Overview libarchive contains a vulnerability that may allow an attacker to cause a denial of service. Description The libarchive library provides an interface for reading and writing archive files.There is a vulnerability in libarchive that occurs when it parses the pax interchange format. If an...