These are all security issues fixed in the apache-commons-compress-1.26.0-1.1 package on the GA media of openSUSE Tumbleweed.
{ "binaries": [ { "apache-commons-compress-javadoc": "1.26.0-1.1", "apache-commons-compress": "1.26.0-1.1" } ] }