From f8862a83b00675052d34fbd21fa2a9d6a947b1381982d03ecc01a9a3cf77776e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Fri, 3 May 2024 14:32:54 +0200 Subject: [PATCH] Sync from SUSE:SLFO:Main libarchive revision c398a7e9d165d5e6bf5948e3a8b0fff2 --- .gitattributes | 23 ++ _constraints | 13 + baselibs.conf | 1 + fix-soversion.patch | 13 + lib-suffix.patch | 26 ++ libarchive-3.6.2.tar.xz | 3 + libarchive-3.6.2.tar.xz.asc | 14 + libarchive.changes | 601 ++++++++++++++++++++++++++++++++++++ libarchive.keyring | 52 ++++ libarchive.spec | 211 +++++++++++++ 10 files changed, 957 insertions(+) create mode 100644 .gitattributes create mode 100644 _constraints create mode 100644 baselibs.conf create mode 100644 fix-soversion.patch create mode 100644 lib-suffix.patch create mode 100644 libarchive-3.6.2.tar.xz create mode 100644 libarchive-3.6.2.tar.xz.asc create mode 100644 libarchive.changes create mode 100644 libarchive.keyring create mode 100644 libarchive.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/_constraints b/_constraints new file mode 100644 index 0000000..8025de2 --- /dev/null +++ b/_constraints @@ -0,0 +1,13 @@ + + + + ppc64 + ppc64le + + + + 4096 + + + + diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..86f30d2 --- /dev/null +++ b/baselibs.conf @@ -0,0 +1 @@ +libarchive13 diff --git a/fix-soversion.patch b/fix-soversion.patch new file mode 100644 index 0000000..9bdfe6d --- /dev/null +++ b/fix-soversion.patch @@ -0,0 +1,13 @@ +Index: libarchive-3.4.0/CMakeLists.txt +=================================================================== +--- libarchive-3.4.0.orig/CMakeLists.txt ++++ libarchive-3.4.0/CMakeLists.txt +@@ -71,7 +71,7 @@ SET(LIBARCHIVE_VERSION_STRING "${VERSIO + # libarchive 2.9 == interface version 11 = 2 + 9 + # libarchive 3.0 == interface version 12 + # libarchive 3.1 == interface version 13 +-math(EXPR INTERFACE_VERSION "13 + ${_minor}") ++set(INTERFACE_VERSION "13") + + # Set SOVERSION == Interface version + # ?? Should there be more here ?? diff --git a/lib-suffix.patch b/lib-suffix.patch new file mode 100644 index 0000000..a3eecc5 --- /dev/null +++ b/lib-suffix.patch @@ -0,0 +1,26 @@ +Index: libarchive-3.4.3/libarchive/CMakeLists.txt +=================================================================== +--- libarchive-3.4.3.orig/libarchive/CMakeLists.txt ++++ libarchive-3.4.3/libarchive/CMakeLists.txt +@@ -255,8 +255,8 @@ IF(ENABLE_INSTALL) + # How to install the libraries + INSTALL(TARGETS archive archive_static + RUNTIME DESTINATION bin +- LIBRARY DESTINATION lib +- ARCHIVE DESTINATION lib) ++ LIBRARY DESTINATION lib${LIB_SUFFIX} ++ ARCHIVE DESTINATION lib${LIB_SUFFIX}) + INSTALL_MAN(${libarchive_MANS}) + INSTALL(FILES ${include_HEADERS} DESTINATION include) + ENDIF() +Index: libarchive-3.4.3/build/cmake/CreatePkgConfigFile.cmake +=================================================================== +--- libarchive-3.4.3.orig/build/cmake/CreatePkgConfigFile.cmake ++++ libarchive-3.4.3/build/cmake/CreatePkgConfigFile.cmake +@@ -29,5 +29,5 @@ CONFIGURE_FILE(${CMAKE_CURRENT_SOURCE_DI + # And install it, of course ;). + IF(ENABLE_INSTALL) + INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/build/pkgconfig/libarchive.pc +- DESTINATION "lib/pkgconfig") ++ DESTINATION "lib${LIB_SUFFIX}/pkgconfig") + ENDIF() diff --git a/libarchive-3.6.2.tar.xz b/libarchive-3.6.2.tar.xz new file mode 100644 index 0000000..608063a --- /dev/null +++ b/libarchive-3.6.2.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:9e2c1b80d5fbe59b61308fdfab6c79b5021d7ff4ff2489fb12daf0a96a83551d +size 5213196 diff --git a/libarchive-3.6.2.tar.xz.asc b/libarchive-3.6.2.tar.xz.asc new file mode 100644 index 0000000..b0b9865 --- /dev/null +++ b/libarchive-3.6.2.tar.xz.asc @@ -0,0 +1,14 @@ +-----BEGIN PGP SIGNATURE----- + +iQGzBAABCgAdFiEE2yx88bTCZfrvVuP8WEihi48UGEsFAmOTTgMACgkQWEihi48U +GEsIrgv6ApeOuR8LQt9p2PUBHxcQbyXXtjJSP6VpKCE5PfwonjpVt3+vlFKenFko +BjXvDARtlAX2SU17UYIGlpHfGF7dofke3JykRPKwjQfT8bxu/+QdwaJjjyEyHCGI +3sdPkrK7TGDc9/R5imsBAq30hDX3Cwpmdv8IBT5G/sjdXmXPGog1E7GjUFHO0ADE +GqpOhvyxUzjPln1RRpT0KVTgHBN/GJosM/Wwt615s8MqmRgxgi/EwZAc1p2QuIwS +KjCHIQ6GdONNMPWxxJY0kI8ifXmhGiBseIyECIFah7eUhqmQfWnwgL7p3bb0A2r8 +UMX8IvW79n5Er6U3r0SbS+kIhirq8YH8jUvCgkH5cYjU9vTcCYYnhY3/nz+lFW06 +2CZzKwwTUARPjhPJnqPLmf6IQPLJ25g92zauQE1tQ7s1OWnSMdjE4F+nBeNRlAEr +wXwOuINhaH/d0ujxb7fgEtzmj9iETGnNfa6MAVw8+u6fIbjBZO/8atp1askbAPPl +SYPNnQ/2 +=9Ggs +-----END PGP SIGNATURE----- diff --git a/libarchive.changes b/libarchive.changes new file mode 100644 index 0000000..736b6ea --- /dev/null +++ b/libarchive.changes @@ -0,0 +1,601 @@ +------------------------------------------------------------------- +Fri Dec 23 07:57:09 UTC 2022 - Dirk Müller + +- update to 3.6.2 (bsc#1205629, CVE-2022-36227) + * NULL pointer dereference vulnerability in archive_write.c + * include ZSTD in Windows builds (#1688) + * SSL fixes on Windows (#1714, #1723, #1724) + * rar5 reader: fix possible garbled output with bsdtar -O (#1745) + * mtree reader: support reading mtree files with tabs (#1783) + * various small fixes for issues found by CodeQL + +------------------------------------------------------------------- +Fri Apr 8 17:01:05 UTC 2022 - Dirk Müller + +- update to 3.6.1: + * 7zip reader: fix PPMD read beyond boundary (#1671) + * ZIP reader: fix possible out of bounds read (OSS-Fuzz 38766 #1672) + * ISO reader: fix possible heap buffer overflow in read_children() (OSS-Fuzz 38764, #1685) + * RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in libarchive 3.6.0) + * fix heap use after free in archive_read_format_rar_read_data() (OSS-Fuzz 44547, 52efa50) + * fix null dereference in read_data_compressed() (OSS-Fuzz 44843, 1271f77) + * fix heap user after free in run_filters() (OSS-Fuzz 46279, #1715) + +------------------------------------------------------------------- +Thu Feb 24 19:18:32 UTC 2022 - Ferdinand Thiessen + +- Update to 3.6.0 + * Fix use-after-free bug (CVE-2021-36976) + * tar: new option "--no-read-sparse" + * tar: threads support for zstd + * RAR reader: filter support + * RAR5 reader: self-extracting archive support + * ZIP reader: zstd decompression support + * tar: respect "--ignore-zeros" in c, r and u modes + * reduced size of application binaries + * internal code optimizations +- Drop upstream merged fix-following-symlinks.patch + +------------------------------------------------------------------- +Mon Nov 29 09:00:26 UTC 2021 - Adrian Schröter + +- fix permission settings on following symlinks (fix-following-symlinks.patch) + this fixes also wrong permissions of /var/tmp in factory systems + CVE-2021-31566 + +------------------------------------------------------------------- +Sun Nov 7 19:13:11 UTC 2021 - Andreas Stieger + +- update to 3.5.2: + * CPIO: Support for PWB and v7 binary cpio formats + * ZIP reader: Support of deflate algorithm in symbolic link decompression + * security: fix handling of symbolic link ACLs on Linux (boo#1192425) + * security: never follow symlinks when setting file flags on Linux (boo#1192426) + * security: do not follow symlinks when processing the fixup list (boo#1192427) + * fix extraction of hardlinks to symlinks + * 7zip reader and writer fixes + * RAR reader fixes + * ZIP reader: fix excessive read for padded zip + * CAB reader: fix double free + * handle short writes from archive_write_callback + +------------------------------------------------------------------- +Wed Jan 6 16:11:01 UTC 2021 - Dirk Müller + +- update to 3.5.1: + * various compilation fixes (#1461, #1462, #1463, #1464) + * fixed undefined behavior in a function in warc reader (#1465) + +------------------------------------------------------------------- +Tue Dec 1 10:24:21 UTC 2020 - Ismail Dönmez + +- Update to version 3.5.0 + New features: + * mtree digest reader support (#1347) + * completed support for UTF-8 encoding conversion (#1389) + * minor API enhancements (#1258, #1405) + * support for system extended attributes (#1409) + * support for decompression of symbolic links in zipx archives (#1435) + Important bugfixes + * fixed extraction of archives with hard links pointing to itself (#1381) + * cpio fixes (#1387, #1388) + * fixed uninitialized size in rar5_read_data (#1408) + * fixed memory leaks in error case of archive_write_open() functions (#1456) +- Drop libarchive-3.4.3-fix_test_write_disk_secure.patch, fixed upstream. + +------------------------------------------------------------------- +Mon Sep 7 17:17:45 UTC 2020 - Andreas Stieger + +- fix build with binutils submitted to Factory, adding upstream + libarchive-3.4.3-fix_test_write_disk_secure.patch + +------------------------------------------------------------------- +Wed May 20 05:14:18 UTC 2020 - Ismail Dönmez + +- Update to version 3.4.3 + * support for pzstd compressed files (#1357) + * support for RHT.security.selinux tar extended attribute (#1348) + * various zstd fixes and improvements (#1342 #1352 #1359) + * child process handling fixes (#1372) + +------------------------------------------------------------------- +Tue Feb 18 14:46:07 UTC 2020 - Ismail Dönmez + +- Switch back to cmake build now that cmake-mini exists, this will + no longer create a build-cycle. + +------------------------------------------------------------------- +Wed Feb 12 08:34:50 UTC 2020 - Ismail Dönmez + +- Update to version 3.4.2 + New features: + * support for atomic file extraction (bsdtar -x --safe-writes) (#1289) + * support for mbed TLS (PolarSSL) (#1301) + Important bugfixes: + * security fixes in RAR5 reader (#1280 #1326) + * compression buffer fix in XAR writer (#1317) + * fix uname and gname longer than 32 characters in PAX writer (#1319) + * fix segfault when archiving hard links in ISO9660 and XAR writers (#1325) + * fix support for extracting 7z archive entries with Delta filter (#987) + +------------------------------------------------------------------- +Mon Dec 30 08:40:05 UTC 2019 - Ismail Dönmez + +- Revert back to autoconf, cmake introduces a cycle. Leave cmake + patches in since they are basically correct and might be useful + in the future. + +------------------------------------------------------------------- +Mon Dec 30 08:14:13 UTC 2019 - Ismail Dönmez + +- Update to version 3.4.1 + New features: + * Unicode filename support for reading lha/lzh archives + * New pax write option "xattrhdr" + Important bugfixes: + * security fixes in wide string processing (#1276 #1298) + * security fixes in RAR5 reader (#1212 #1217 #1296) CVE-2019-19221 + * security fixes and optimizations to write filter logic (#351) + * security fix related to use of readlink(2) (1dae5a5) + * sparse file handling fixes (#1218 #1260) +- Drop CVE-2019-19221.patch and fix-zstd-test.patch, fixed upstream + +------------------------------------------------------------------- +Fri Nov 22 13:17:53 UTC 2019 - Adrian Schröter + +- fix bsc#1157569 + CVE-2019-19221.patch out-of-bounds read in libarchive + +------------------------------------------------------------------- +Sun Aug 18 12:33:05 UTC 2019 - Ismail Dönmez + +- Switch to cmake build +- Add lib-suffix.patch to honor LIB_SUFFIX +- Add fix-zstd-test.patch to fix zstd test +- Add fix-soversion.patch to fix the soversion to 13 as autotools + +------------------------------------------------------------------- +Thu Jun 20 11:35:15 UTC 2019 - Ismail Dönmez + +- Add lz4 and zstd support +- Add BuildRequires on liblz4-devel and libzstd-devel + +------------------------------------------------------------------- +Thu Jun 13 08:00:36 UTC 2019 - Ismail Dönmez + +- Update to version 3.4.0 + * Support for file and directory symlinks on Windows + * Read support for RAR 5.0 archives + * Read support for ZIPX archives with xz, lzma, ppmd8 and + bzip2 compression + * Support for non-recursive list and extract + * New tar option: --exclude-vcs + * Improved file attribute support on Linux and file flags support + on FreeBSD + * Fix reading Android APK archives (#1055 ) + * Fix problems related to unreadable directories (#1167) + * A two-digit number of OSS-Fuzz issues was resolved in this release + including CVE-2019-18408 +- Add libarchive.keyring and validate the tarball signature +- Drop all security patches, fixed upstream: + * CVE-2018-1000877.patch + * CVE-2018-1000878.patch + * CVE-2018-1000879.patch + * CVE-2018-1000880.patch + * CVE-2019-1000019.patch + * CVE-2019-1000020.patch + +------------------------------------------------------------------- +Tue Feb 5 15:16:08 UTC 2019 - Adrian Schröter + +- Added patches: + * CVE-2019-1000019.patch Fixes 7zip crash (boo#1124341) + * CVE-2019-1000020.patch ISO9660 infinite loop fixed (boo#1124342) + +------------------------------------------------------------------- +Thu Jan 3 15:26:58 UTC 2019 - Karol Babioch + +- Added patches: + * CVE-2018-1000877.patch, which fixes a double free vulnerability in RAR + decoder (CVE-2018-1000877 bsc#1120653) + * CVE-2018-1000878.patch, which fixes a Use-After-Free vulnerability in RAR + decoder (CVE-2018-1000878 bsc#1120654) + * CVE-2018-1000879.patch, which fixes a NULL Pointer Dereference + vulnerability in ACL parser (CVE-2018-1000879 bsc#1120656) + * CVE-2018-1000880.patch, which fixes an improper input validation + vulnerability in WARC parser (CVE-2018-1000880 bsc#1120659) +- Make use of %license macro +- Applied spec-cleaner + +------------------------------------------------------------------- +Tue Sep 18 07:08:54 UTC 2018 - Jan Engelhardt + +- Fix RPM groups. Remove idempotent %if..%endif guards. + Diversify summaries. Set CFLAGS instead of re-defining + optflags with itself. + +------------------------------------------------------------------- +Fri Sep 14 06:57:14 UTC 2018 - Adrian Schröter + +- update to version 3.3.3 + * Avoid super-linear slowdown on malformed mtree files + * Many fixes for building with Visual Studio + * NO_OVERWRITE doesn't change existing directory attributes + * New support for Zstandard read and write filters +- Fixes CVE-2017-14501, CVE-2017-14502, CVE-2017-14503 +- fix-CVE-2017-14166.patch is obsolete + +------------------------------------------------------------------- +Thu Sep 7 07:05:15 UTC 2017 - adrian@suse.de + +- update to version 3.3.2 + * NFSv4 ACL support for Linux (librichacl) +- fix-CVE-2017-14166.patch (boo#1057514) + +------------------------------------------------------------------- +Mon Apr 3 14:44:27 UTC 2017 - adrian@suse.de + +- update to version 3.3.1 + * Security & Feature release + Details are not documented from upstream yet + fix-extract-over-links.patch and libarchive-openssl.patch obsoleted + +------------------------------------------------------------------- +Fri Dec 2 13:37:54 UTC 2016 - adrian@suse.com + +- fix extracting over symlinks: fix-extract-over-links.patch + the problem is solved upstream different, but git master + is too different atm. + +------------------------------------------------------------------- +Wed Oct 26 09:27:32 UTC 2016 - adrian@suse.com + +- update to version 3.2.2 + Unspecified security fixes, but at least: + * CVE-2016-8687 + * CVE-2016-8689 + * CVE-2016-8688 + * CVE-2016-5844 + * CVE-2016-6250 + * CVE-2016-5418 +- obsoletes fix-build.patch + +------------------------------------------------------------------- +Sat Jul 23 21:13:34 UTC 2016 - dmueller@suse.com + +- make bsdtar require a matching libarchive version to avoid + missing symbol errors + +------------------------------------------------------------------- +Mon Jun 20 10:31:43 UTC 2016 - adrian@suse.de + +- update to version 3.2.1 + Fixes a number of security issues: + CVE-2015-8934, CVE-2015-8933, CVE-2015-8917, CVE-2016-4301, CVE-2016-4300 +- and fixing the build (fix-build.patch) + +------------------------------------------------------------------- +Thu Jun 16 09:33:17 UTC 2016 - adrian@suse.de + +- limit size of symlinks in cpio archives (CVE-2016-4809, boo#984990) + CVE-2016-4809.patch + +------------------------------------------------------------------- +Mon May 9 08:42:19 UTC 2016 - adrian@suse.de + +- 4GB _constraints for ppc64le only, it would break other archs + +- update to version 3.2.0 + * Fixes CVE-2016-1541 + * Fixes CVE-2015-8928 + * changes are only documented in git history + * updated openssl patch + * new bsdcat utility + +- removed obsolete patches for: + * CVE-2013-0211.patch + * directory-traversal-fix.patch + * libarchive-xattr.patch + +------------------------------------------------------------------- +Fri May 6 14:45:14 UTC 2016 - normand@linux.vnet.ibm.com + +- add _constraints memory 4096MB to avoid ppc64le build failure + +------------------------------------------------------------------- +Sat Sep 19 20:17:41 UTC 2015 - astieger@suse.com + +- build static lib on RHEL 7 + +------------------------------------------------------------------- +Sun Mar 22 19:51:10 UTC 2015 - astieger@suse.com + +- RHEL/CentOS build fix, skipping autoreconf + +------------------------------------------------------------------- +Sun Mar 15 20:11:00 UTC 2015 - astieger@suse.com + +- add CVE for previous change + +------------------------------------------------------------------- +Thu Mar 5 13:36:09 UTC 2015 - adrian@suse.com + +- fix a directory traversal in cpio tool (bnc#920870) + directory-traversal-fix.patch CVE-2015-2304 + +------------------------------------------------------------------- +Tue Nov 11 12:07:46 UTC 2014 - jsegitz@novell.com + +- Added CVE-2013-0211.patch to fix CVE-2013-0211 (bnc#800024) + +------------------------------------------------------------------- +Wed May 28 17:18:59 UTC 2014 - crrodriguez@opensuse.org + +- libarchive-xattr.patch, fix subtle wrong library check + that causes this package to depend on libattr when it should + be using glibc. + +------------------------------------------------------------------- +Sun Nov 24 16:22:02 UTC 2013 - andreas.stieger@gmx.de + +- add optional -static-devel library package, intended to publish pixz + for CentOS / RHEL, default off +- skip some dependencies not required for pixz on CentOS / RHEL + +------------------------------------------------------------------- +Tue Aug 20 05:34:09 UTC 2013 - crrodriguez@opensuse.org + +- remove artificial dependencies on libacl-devel, libbz2-devel, + zlib-devel from libarchive-devel. + +------------------------------------------------------------------- +Mon Aug 19 21:14:38 UTC 2013 - crrodriguez@opensuse.org + +- libarchive-openssl.patch: Call OPENSSL_config where needed, + otherwise on systems configured to use openSSL engines such + as via-padlock wont benefit from hardware acceleration. + +------------------------------------------------------------------- +Fri Aug 16 20:07:27 UTC 2013 - andreas.stieger@gmx.de + +- update to 3.1.2 + This is a maintenance update to fix issues with the new RAR + seeking feature. +- libarchive's new website moved to http://www.libarchive.org. + +------------------------------------------------------------------- +Sun Jun 16 23:59:28 UTC 2013 - jengelh@inai.de + +- Explicitly list libattr-devel as BuildRequires (and sort those) + +------------------------------------------------------------------- +Wed Feb 13 08:05:35 UTC 2013 - werner@suse.de + +- Use %libname macro to be consistent throughout the spec file + +------------------------------------------------------------------- +Tue Feb 5 18:48:08 UTC 2013 - p.drouand@gmail.com + +- Update to version 3.1.1: + + Fix an issue with the soname versioning in builds of libarchive + using cmake +- Removed patchs; fixed and merged on upstream release: + * libarchive-fix-checks.patch + * libarchive-ppc64.patch +- The soname has changed and pass to 13. + +------------------------------------------------------------------- +Thu Aug 23 08:30:05 UTC 2012 - dvaleev@suse.com + +- libarchive-ppc64.patch: + fix http://code.google.com/p/libarchive/issues/detail?id=277 + test_option_b and test_option_nodump are failing on ppc64 + +------------------------------------------------------------------- +Thu Aug 9 09:05:01 UTC 2012 - cfarrell@suse.com + +- license update: BSD-2-Clause + The COPYING file shows that the package is predominantly BSD-2-Clause + licensed + +------------------------------------------------------------------- +Tue Aug 7 18:47:14 UTC 2012 - dimstar@opensuse.org + +- Update to version 3.0.4: + + libarchive development moved to http://libarchive.github.com/ +- Changes from version 3.0.2: + + Various fixes merged from FreeBSD + + Symlink support in Zip reader and writer + + Robustness fixes to 7Zip reader +- Changes from version 3.0.1b: + + 7Zip reader + + Small fixes to ISO and Zip to improve robustness with corrupted + input + + Improve streaming Zip reader's support for uncompressed entries + + New seeking Zip reader supports SFX Zip archives + + Build fixes on Windows +- For more changes since 2.8.5, please see NEWS file +- Update URL Tag to represent new home of the project. +- Rename libarchive2 to libarchive12, following upstreams soname + bumps. +- Add libarchive-fix-checks.patch: Fix gcc 4.7 side effects. +- Drop libarchive-test-fuzz.patch: fixed upstream. +- Drop libarchive-ignore-sigpipe-in-test-suite.patch: fixed + upstream. +- Drop libarchive-2.5.5_handle_ENOSYS_from_lutimes.patch: upstream + rejected the patch. Seems to be too theoretical problem. + +------------------------------------------------------------------- +Mon May 7 08:35:39 UTC 2012 - werner@suse.de + +- Enforce usage of reentrant versions of libc functions + +------------------------------------------------------------------- +Mon Feb 13 18:19:49 UTC 2012 - dvaleev@suse.com + +- fix failed tests on ppc + +------------------------------------------------------------------- +Wed Feb 8 10:57:45 UTC 2012 - idonmez@suse.com + +- Use %makeinstall to be SLES compatible + +------------------------------------------------------------------- +Thu Dec 22 11:27:05 UTC 2011 - werner@suse.de + +- For SLES11 work around missing rpm macro + +------------------------------------------------------------------- +Tue Dec 6 16:00:48 UTC 2011 - coolo@suse.com + +- rename main package to libarchive + +------------------------------------------------------------------- +Tue Dec 6 16:00:32 UTC 2011 - coolo@suse.com + +- Update to libarchive 2.8.5 (from werner) + * Fix issue 134: Improve handling of open failures + * Fix issue 119: Relax ISO verification + * Fix issue 121: mtree parsing + * Fix extraction of GNU tar 'D' directory entries + * Be less demanding in LZMA/XZ compression tests + +------------------------------------------------------------------- +Fri Sep 30 08:15:50 UTC 2011 - coolo@suse.com + +- add baselibs.conf for PackageKit to use + +------------------------------------------------------------------- +Tue Apr 19 13:23:09 UTC 2011 - idoenmez@novell.com + +- Add suport for xz and xar archives +- Add libarchive-2.8.4-iso9660-data-types.patch: + fix ISO9660 reader data type mismatches + +------------------------------------------------------------------- +Thu Nov 11 13:36:59 UTC 2010 - puzel@novell.com + +- udpate to libarchive-2.8.4 + - see /usr/share/doc/packages/libarchive2/NEWS for changes +- drop libarchive-2.5.5_fix_testsuite.patch (upstream) +- update libarchive-2.5.5_handle_ENOSYS_from_lutimes.patch +- clean up specfile +- disable make check for now + +------------------------------------------------------------------- +Wed Jan 6 04:36:37 UTC 2010 - jengelh@medozas.de + +- enable parallel building + +------------------------------------------------------------------- +Wed Oct 29 17:24:49 CET 2008 - mrueckert@suse.de + +- added libarchive-2.5.5_handle_ENOSYS_from_lutimes.patch: + it can happen that your system at build times supports lutimes + but later at runtime the needed syscall is missing. + +------------------------------------------------------------------- +Mon Sep 8 17:57:29 CEST 2008 - mrueckert@suse.de + +- fix rm calls in %install + +------------------------------------------------------------------- +Sat Sep 6 17:54:11 CEST 2008 - mrueckert@suse.de + +- update to 2.5.5 + This is a major version bump again: it incorporates + lots of bugfixes and improvements. + For all the details please see + /usr/share/doc/packages/libarchive2/NEWS +- drop the .la file +- dropped patch libarchive-2.2.5_rpath.patch: + no longer needed +- added libarchive-2.5.5_fix_testsuite.patch: + added missing mode to open() with O_CREAT + +------------------------------------------------------------------- +Wed Aug 15 12:58:06 CEST 2007 - ro@suse.de + +- fix dependency of devel package + +------------------------------------------------------------------- +Tue Aug 7 16:47:22 CEST 2007 - mrueckert@suse.de + +- restructured package: + bsdtar is now the main package and libarchive2 and libarchive-devel + the subpackages. This saves us a rename on soversion bumps. + +------------------------------------------------------------------- +Mon Jul 30 14:31:32 CEST 2007 - mrueckert@suse.de + +- update to 2.2.5 (#291358) + This is a major version bump. For a full list of all changes see + /usr/share/doc/packages/libarchive/NEWS. Mostly notable this up- + date includes the fixes for the following security bugs: + Errors handling corrupt tar files in libarchive + (CVE-2007-3641, CVE-2007-3644, CVE-2007-3645) +- added libarchive-2.2.5_rpath.patch: + dont set a rpath on the builddir. +- no longer building the static lib + +------------------------------------------------------------------- +Fri Jun 8 01:35:37 CEST 2007 - ro@suse.de + +- added ldconfig to post scripts +- remove minitar objects (leave binary there for now) + +------------------------------------------------------------------- +Sun Apr 8 20:53:59 CEST 2007 - mrueckert@suse.de + +- updated to 2.0.28 +- removed all patches: + included upstream + +------------------------------------------------------------------- +Sat Mar 24 20:07:04 CET 2007 - mrueckert@suse.de + +- require libbz2-devel on >= 10.3 + +------------------------------------------------------------------- +Sat Mar 24 16:30:08 CET 2007 - aj@suse.de + +- Change requires for libbz2 split. + +------------------------------------------------------------------- +Tue Mar 6 16:49:29 CET 2007 - mrueckert@suse.de + +- updated bsdtar-1.2.53_ext2_include.patch: + the old fix was not complete and on newer glibc/kernel-headers it + seems you need to include linux/fs.h explicitly + new name: bsdtar-1.3.1_linux_fs_includes.patch +- build with -fno-strict-aliasing + +------------------------------------------------------------------- +Fri Nov 10 13:01:38 CET 2006 - mrueckert@suse.de + +- added SA-06-24_libarchive.patch: + fix DOS in libarchive (CVE-2006-5680) + http://security.freebsd.org/advisories/FreeBSD-SA-06:24.libarchive.asc + +------------------------------------------------------------------- +Fri Sep 22 13:03:42 CET 2006 - mrueckert@suse.de + +- update to version 1.3.1 + +------------------------------------------------------------------- +Thu Apr 27 02:32:57 CEST 2006 - mrueckert@suse.de + +- updated to 1.2.53: + Upstream merged the source tarball. + Splitted of a bsdtar package + +------------------------------------------------------------------- +Mon Feb 27 19:24:00 CET 2006 - mrueckert@suse.de + +- fixed building of debuginfo package + +------------------------------------------------------------------- +Mon Feb 27 18:32:04 CET 2006 - mrueckert@suse.de + +- libarchive 1.2.38 + diff --git a/libarchive.keyring b/libarchive.keyring new file mode 100644 index 0000000..3235a8b --- /dev/null +++ b/libarchive.keyring @@ -0,0 +1,52 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGNBGOTSakBDADYnE8uP/uR+viUTGNdMG8tWtoopvEEACFOwqx6NPb9sXvip5z2 +0ochmO+jNqbV+OiS/6gjpd2f2fmJ241ooqbqZrWklabohbr2ros25bmi1C/77FEK +sGulay334p1LXPxQA3kjEQSINMresnt8FYCO5q50VHgmnhSNaom8jPAy9S06fWqP +yXAXoJ53hwzYN6Bgb2CnU5FTwC9O4v5sI4wjQYq5JC9cbl1hM5PzC5bIse79l5Nq +YTsSuSY2RhOQ7w6L6V295l7C6TPkPBcqkg4Q+AYzdTTZagMN9NcchembtR/aMbuE +xg1PiUMdPOu99uW605XikwwYTy0ZGlz7GZE9EcpoBaoSX5m3haM5k59e5839YtnC +VbS0XOLCDp8uPMbLElGsLH6J1f1RxxV+h4r6ZypDSC0vTi54qI1nxsdJm1n21iwQ +0zP77oLUaIc+Nb0Mmh61+YFPLMgeHlfEsnsYzTWJU/tt6rlFFECKSlBGkiIXy1Ie +yKx2D+OlCZJ7FQMAEQEAAbQjTWFydGluIE1hdHVza2EgPG1hcnRpbkBtYXR1c2th +Lm9yZz6JAdQEEwEKAD4WIQTbLHzxtMJl+u9W4/xYSKGLjxQYSwUCY5NMJAIbAwUJ +BaOagAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRBYSKGLjxQYS8wPDACGqLMh +K5QGA3fjAY5GxEmYUOLB/0fwtCCsW9I1oVOkqdjR72c6iEKcPDcRpU1Xavncb/Kk +N3kD/xQAVpNhn5tIfNAhflZIeB/2gsOv79qBKyo9SkM9TpdNd60H/uOEeYFA0fPF +qXvrtdxK9gL3qkZtThvGnW49OlAHd8HvOMHCfCWMvJfwnt19PH/HR3cI3aXQHe3a +Oek3+E4eKlCruOm0CM1OKfv6FuO79URSw2NB+Tskj2NW91jIF8iZXveR/qi1lupn +AMLhXXpSJOmRGepKvfPRYoV7llSgSOdE+lElC6ljpe41T19c2PiVxUJOJmT4mtJo +9ghVUeIkUhXNpAU/5I6QAtPoGQfQVcE23PtFM7gibC3nL7yPT8igi904msOIxoUk +4kTOUCmW1KcGRT8SNnOrMkdEDGBg1QNNx7D/jyQf6umg4si3wu5NoVYr4eGorDxu +J0Jq2wm42JQDnXWnmoQpO/XwaOwV+OIveMHd0jgtqYHsQiry8IpUWb/0is60H01h +cnRpbiBNYXR1c2thIDxtbUBGcmVlQlNELm9yZz6JAdQEEwEKAD4WIQTbLHzxtMJl ++u9W4/xYSKGLjxQYSwUCY5NJqQIbAwUJBaOagAULCQgHAgYVCgkICwIEFgIDAQIe +AQIXgAAKCRBYSKGLjxQYS2z5DADN7TMpp246axc2NYYTzmHM1iN39EERH/gXT7dl ++d9uY9i1dPZrtzuLoh/yQX8z3P/WeR2czSRWhkxqZ4R64oYiOq2VA1aJ9QopFKIi +DA1mzTjDvuFiuhVR0484gxXf4N6peVhEoGZvUhLaR1n4L5ykAGwKLyqwOQqwK/BX +jxDSgM45bCWhImE6yux6yNrOYTGZA0IsRShRoDbmXvPZPBxMvQEa8RnzI9QqxbZR +17bNCt4VRYXUUpD1vAccJcLl1UGK12OSIevuUdv17Y05Da4IOhGHz9dXsojeFX4u +S7h1JsGZFV4O7XyVpnF5qwqYukN/ScYg2QJIkm/Is3m2AVx58xh2twoFfBew6qID +tnuWtzKlIqOlFST5nhSCaIAoGiVDEisXMY1ZffUJsugaKK6cufCw16dU9C3Kez4T +ap5j1vkIdPylL7i631g7UnNvpi/5ZaxAB3yB00G0LKqTRGjqRAaXnCDuXA89brLF +/wLqwsOROw6B1iQ/OyDhTPS0z6i5AY0EY5NJqQEMALs/XcCV+Xe34TA/eOWyQ4Qe +qbNMdjNBxXW3gpapCG5pMKtlrN/elyYTPJHeas63VWWYyWEhpfb54gISyZOrkwU2 +S6kRtNSw4dADLDbMjfclB+EMKkF3rovhlBz5483PC5Dbw4KVIvZPgdWbAzUERBey +XOlN2n5EQjcKcpuAlXlgR4ZtN9n1Po5SgCyjJbufIBxAho+Em1QoX+hne4eGfKf8 +o8feHbKibBqINj58GpCzyoyDDQ4NV+gRxU3AR85p2jNJrSrFELh7ZnHLTQvE1D9b +/DRhRHDshTRTiAVHGrlCvhIQL1NnsOqqZUz4zv03CsPzMNfvgxlw8rvt1SIAZecC +L9xz6P5zVb0svVq89Sc7S5AY7xQ7YhMf+fuG2ihpJFMAEBACypcqnLj0pdG1cZiv +dx7Pw4Gd/sag5uUiRj+myPzOo5LpfbU8acmGEoemdZOsO1XO1ABJFOhXHY6cyLgD +xk7sQvnlO2tTu1qvwPzKSr0XX6MfqUgtHwkELSnEVQARAQABiQG8BBgBCgAmFiEE +2yx88bTCZfrvVuP8WEihi48UGEsFAmOTSakCGwwFCQWjmoAACgkQWEihi48UGEtO +Hwv+Lht02gAsLxdqoMs5gBhC/jY2KMJhx/jrhCeIvdZWAZiBJ9wslqJkbhwF6tNt +/x1BY8pam4j5enLkLCWyyp3wm0QWiJME0N3+tN5QMFpO5kMbFygCCIXSOd+kfrA1 +xFfQt840LTV1rzvp+YW8SYBFjWtanW4K49C7cewacZbY+zwsWZ/FV1bbEZGnB7lL +0hiwOiXfjmxg0fVlEjLy7bt/8pxJ6w4wQsm78a4l3D2Oo1ux97Kcb+ymJvABmG7X +Lc90uLbJFBiSbxxbVcbvHx55kGtEzttN+YzJuOTDgXHoFXL4wMTsyVlkzCw1m/qW +uW68PO7RtXWl4C1aa6K/xC2jgiFT8IwppkEINeb2lIy96iyOPKD+NzocHBCcbx4W +f9yXue8x8Bptr5Pzv1G422yRLv4N9Hdb3fSALs1FCjVJFuov3FPjpKz6YhyY0vLj +PNcYqehQphtFs0ra8+OkupcNBiAYsPUlMGhFQakPxpEl4/IM5dny0YrtTuYJAdrI +HXDL +=weXn +-----END PGP PUBLIC KEY BLOCK----- diff --git a/libarchive.spec b/libarchive.spec new file mode 100644 index 0000000..6fcf434 --- /dev/null +++ b/libarchive.spec @@ -0,0 +1,211 @@ +# +# spec file for package libarchive +# +# Copyright (c) 2022 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%define somajor 13 +%define libname libarchive%{somajor} +%if 0%{?centos_version} || 0%{?rhel_version} +%if 0%{?centos_version} <= 600 || 0%{?rhel_version <= 700} +%bcond_without static_libs +%bcond_with openssl +%bcond_with ext2fs +%endif +%else +%bcond_with static_libs +%bcond_without openssl +%bcond_without ext2fs +%endif +Name: libarchive +Version: 3.6.2 +Release: 0 +Summary: Utility and C library to create and read several different streaming archive formats +License: BSD-2-Clause +Group: Productivity/Archiving/Compression +URL: https://www.libarchive.org/ +Source0: https://github.com/libarchive/libarchive/releases/download/v%{version}/libarchive-%{version}.tar.xz +Source1: https://github.com/libarchive/libarchive/releases/download/v%{version}/libarchive-%{version}.tar.xz.asc +Source2: libarchive.keyring +Source1000: baselibs.conf +Patch1: lib-suffix.patch +Patch2: fix-soversion.patch +BuildRequires: cmake +BuildRequires: libacl-devel +BuildRequires: libbz2-devel +BuildRequires: liblz4-devel +BuildRequires: libtool +BuildRequires: libxml2-devel +BuildRequires: libzstd-devel +BuildRequires: ninja +BuildRequires: pkgconfig +BuildRequires: xz-devel +BuildRequires: zlib-devel +%if %{with ext2fs} +BuildRequires: libext2fs-devel +%endif +%if %{with openssl} +BuildRequires: libopenssl-devel +%endif + +%description +Libarchive is a programming library that can create and read several +different streaming archive formats, including most popular tar +variants and several cpio formats. It can also write shar archives and +read ISO-9660 CDROM images. The bsdtar program is an implementation of +tar(1) that is built on top of libarchive. It started as a test +harness, but has grown and is now the standard system tar for FreeBSD 5 +and 6. + +This package contains the bsdtar cmdline utility. + +%package -n bsdtar +Summary: Utility to read several different streaming archive formats +Group: Productivity/Archiving/Compression +Requires: %{libname} >= %{version} + +%description -n bsdtar +This package contains the bsdtar cmdline utility. + +%package -n %{libname} +Summary: Library to work with several different streaming archive formats +Group: System/Libraries + +%description -n %{libname} +Libarchive is a programming library that can create and read several +different streaming archive formats, including most popular tar +variants and several cpio formats. It can also write shar archives and +read ISO-9660 CDROM images. The bsdtar program is an implementation of +tar(1) that is built on top of libarchive. It started as a test +harness, but has grown and is now the standard system tar for FreeBSD 5 +and 6. + +The libarchive library offers a number of features that make it both +very flexible and very powerful. + +- Automatic format detection: libarchive can automatically determine + both the compression and the archive format, regardless of the + data source. Most tar implementations do not automatically detect + the compression format, few implementation that can correctly do + this when reading from stdin or a socket. (The tar program + included with Gunnar Ritter's heirloom collection also does full + automatic format detection.) + +- Writes POSIX formats: libarchive writes POSIX-standard formats, + including "ustar," "pax interchange format," and the POSIX "cpio" + format. + +- Supports pax interchange format: Pax interchange format (which, + despite the name, is really an extended tar format) eliminates + almost all limitations of historic tar formats and provides a + standard method for incorporating vendor-specific extensions. + libarchive exploits this extension mechanism to support ACLs and + file flags, for example. (Joerg Schilling's star archiver is + another open-source tar program that supports pax interchange + format.) + +- Reads popular formats: libarchive can read GNU tar, ustar, pax + interchange format, cpio, and older tar variants. The internal + architecture is easily extensible. The only requirement for + support is that it be possible to read the format without seeking + in the file. (For example, a format that includes a compressed + size field before the data cannot be correctly written without + seeking.) + +- High-Level API: the libarchive API makes it fairly simple to build + an archive from a list of filenames or to extract the entries + from an archive. However, the API also provides extreme + flexibility with regards to data sources. For example, there are + generic hooks that allow you to write an archive to a socket or + read data from an archive entry into a memory buffer. + +- Extensible. The internal design uses generic interfaces for +compression, archive format detection and decoding, and archive data +I/O. It should be very easy to add new formats, new compression +methods, or new ways of reading/writing archives. + +%package -n libarchive-devel +Summary: Development files for libarchive +Group: Development/Libraries/C and C++ +Requires: %{libname} = %{version} +Requires: glibc-devel + +%description -n libarchive-devel +Libarchive is a programming library that can create and read several +different streaming archive formats, including most popular tar +variants and several cpio formats. It can also write shar archives and +read ISO-9660 CDROM images. The bsdtar program is an implementation of +tar(1) that is built on top of libarchive. It started as a test +harness, but has grown and is now the standard system tar for FreeBSD 5 +and 6. + +This package contains the development files. + +%package static-devel +Summary: Static library for libarchive +Group: Development/Libraries/C and C++ +Requires: %{name}-devel = %{version} + +%description static-devel +Static library for libarchive + +%prep +%setup -q +%autopatch -p1 + +%build +%define __builder ninja +%cmake +%cmake_build + +%check +%ctest + +%install +%cmake_install + +find %{buildroot} -type f -name "*.la" -delete -print +rm "%{buildroot}%{_libdir}/libarchive.a" +rm "%{buildroot}%{_mandir}/man5/"{tar,cpio,mtree}.5* +sed -i -e '/Libs.private/d' %{buildroot}%{_libdir}/pkgconfig/libarchive.pc + +%post -n %{libname} -p /sbin/ldconfig +%postun -n %{libname} -p /sbin/ldconfig + +%files -n bsdtar +%{_bindir}/bsdcat +%{_bindir}/bsdcpio +%{_bindir}/bsdtar +%{_mandir}/man1/* +%{_mandir}/man5/* + +%files -n %{libname} +%license COPYING +%doc NEWS +%{_libdir}/libarchive.so.* + +%files -n libarchive-devel +%doc examples/ +%{_mandir}/man3/* +%{_libdir}/libarchive.so +%{_includedir}/archive* +%{_libdir}/pkgconfig/libarchive.pc + +%if %{with static_libs} +%files static-devel +%{_libdir}/%{name}.a +%endif + +%changelog