[slackware-security] libarchive

New libarchive packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libarchive-3.8.2-i586-1slack15.0.txz: Upgraded. This update contains security fixes and improvements: 7zip: Fix out of boundary...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libarchive (UTSA-2025-986096)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986096 advisory. listitemverbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact...

DEBIAN-CVE-2025-25724

listitemverbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custo...

AZL-57720 CVE-2025-25724 affecting package libarchive for versions less than 3.6.1-5

listitemverbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custo...

CVE-2025-25724

CVE-2025-25724 affects libarchive up to 3.7.7. The issue is in tar/util.c: list_item_verbose does not check the return value of strftime, which can enable a denial of service or other impact when reading a crafted TAR with verbose=2, potentially impacted by locale-specific buffer sizing. Connecte...