{"id":"MGASA-2025-0200","summary":"Updated libarchive packages fix security vulnerabilities","details":"Double free at archive_read_format_rar_seek_data() in\narchive_read_support_format_rar.c. (CVE-2025-5914)\nHeap buffer over read in copy_from_lzss_window() at\narchive_read_support_format_rar.c. (CVE-2025-5915)\nInteger overflow while reading warc files at\narchive_read_support_format_warc.c. (CVE-2025-5916)\nOff by one error in build_ustar_entry_name() at\narchive_write_set_format_pax.c. (CVE-2025-5917)\n","modified":"2026-04-16T00:12:02.509156148Z","published":"2025-07-02T17:04:08Z","upstream":["CVE-2025-5914","CVE-2025-5915","CVE-2025-5916","CVE-2025-5917"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2025-0200.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=34402"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7601-1"}],"affected":[{"package":{"name":"libarchive","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/libarchive?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.6.2-5.5.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2025-0200.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}