Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component zipx_lzma_alone_init.Referenceshttps://github.com/libarchive/libarchive/issues/1672https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SBYGJICQ7FKDZ2IIOAH423IHWQ6MNONQ/https://security.gentoo.org/glsa/202208-26
