FEDORA-2026-b42b8b1c00 — security update for libarchive

stable

libarchive-3.8.6-1.fc44

FEDORA-2026-b42b8b1c00 created by ljavorsk 3 months ago for Fedora 44

CVE-2026-4111 libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2026-b42b8b1c00

This update has been submitted for testing by ljavorsk.

3 months ago

This update's test gating status has been changed to 'waiting'.

3 months ago

This update's test gating status has been changed to 'waiting'.

3 months ago

This update's test gating status has been changed to 'passed'.

3 months ago

This update has been pushed to testing.

3 months ago

filiperosset commented & provided feedback 3 months ago

karma

no regressions noted

geraldosimiao provided feedback 3 months ago

karma

This update can be pushed to stable now if the maintainer wishes

3 months ago

bojan commented & provided feedback 2 months ago

karma

Works.

This update has been submitted for stable by bodhi.

There is an ongoing freeze; this will be pushed to stable after the freeze is over.

2 months ago

derekenz commented & provided feedback a month ago

karma

Works

This update has been pushed to stable.

a month ago

Please log in to add feedback.

Metadata

Type

security

Severity

high

Karma

Signed

Content Type

RPM

Test Gating

passed

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

14 days

Dates

submitted

3 months ago

in testing

3 months ago

in stable

a month ago

approved

3 months ago

Builds

libarchive-3.8.6-1.fc44

BZ#2448049 CVE-2026-4111 libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive [fedora-all]

libarchive-3.8.6-1.fc44

Automated Test Results

passed