Package "libarchive-dev"
| Name: |
libarchive-dev
|
Description: |
Multi-format archive and compression library (development files)
|
| Latest version: |
3.8.5-1ubuntu2.1 |
| Release: |
resolute (26.04) |
| Level: |
security |
| Repository: |
main |
| Head package: |
libarchive |
| Homepage: |
https://www.libarchive.org/ |
Links
Download "libarchive-dev"
Other versions of "libarchive-dev" in Resolute
Changelog
|
libarchive (3.8.5-1ubuntu2.1) resolute-security; urgency=medium
* SECURITY UPDATE: Heap out-of-bounds read during RAR archive processing
- debian/patches/CVE-2026-4424-1.patch: Reallocate undersized LZSS windows
in libarchive/archive_read_support_format_rar.c
- debian/patches/CVE-2026-4424-2.patch: Cast LZSS mask comparison in
libarchive/archive_read_support_format_rar.c
- CVE-2026-4424
* SECURITY UPDATE: Undefined behavior during zisofs decompression
- debian/patches/CVE-2026-4426.patch: Validate zisofs block size exponent
in libarchive/archive_read_support_format_iso9660.c
- CVE-2026-4426
* SECURITY UPDATE: Integer overflow during zisofs block pointer allocation
- debian/patches/CVE-2026-5121.patch: Add related regression tests in
test/test_read_format_iso_zisofs_overflow.c and
../test_read_format_iso_zisofs_overflow.iso.uu
- CVE-2026-5121
-- Shafayat Hossain Majumder <email address hidden> Tue, 20 May 2026 11:52:49 -0400
|
| CVE-2026-4424 |
A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of t |
| CVE-2026-4426 |
A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a fiel |
| CVE-2026-5121 |
A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote at |
|
About
-
Send Feedback to @ubuntu_updates
