Security update for libarchive

This update for libarchive fixes the following issues: CVE-2025-1632: Fixed null pointer dereference in bsdunzip.c bsc1237606 CVE-2025-25724: Fixed buffer overflow vulnerability in function listitemverbose in tar/util.c bsc1238610 Patch Instructions: To install this SUSE update use the SUSE...

SUSE CVE-2025-25724

listitemverbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custo...

AZL-57712 CVE-2025-25724 affecting package libarchive for versions less than 3.7.7-2

listitemverbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custo...

UBUNTU-CVE-2025-25724

listitemverbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custo...

SUSE CVE-2016-8687

Stack-based buffer overflow in the safefprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename...

DEBIAN-CVE-2016-8687

Stack-based buffer overflow in the safefprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename...

UBUNTU-CVE-2016-8687

Stack-based buffer overflow in the safefprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename...