From b4b0368c5667e346a53c8d634b88209045fa2f1e3597b6441414f2ab62db987d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Tue, 4 Apr 2017 11:40:47 +0000 Subject: [PATCH 1/2] Accepting request 485188 from OBS:Server:Unstable version update OBS-URL: https://build.opensuse.org/request/show/485188 OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=69 --- fix-extract-over-links.patch | 23 ----------------------- libarchive-3.2.2.tar.gz | 3 --- libarchive-3.3.1.tar.gz | 3 +++ libarchive.changes | 7 +++++++ libarchive.spec | 14 ++++---------- 5 files changed, 14 insertions(+), 36 deletions(-) delete mode 100644 fix-extract-over-links.patch delete mode 100644 libarchive-3.2.2.tar.gz create mode 100644 libarchive-3.3.1.tar.gz diff --git a/fix-extract-over-links.patch b/fix-extract-over-links.patch deleted file mode 100644 index f3d24ff..0000000 --- a/fix-extract-over-links.patch +++ /dev/null @@ -1,23 +0,0 @@ ---- a/libarchive/archive_write_disk_posix.c.orig 2016-12-02 13:13:57.433550535 +0000 -+++ a/libarchive/archive_write_disk_posix.c 2016-12-02 13:16:36.770020356 +0000 -@@ -2051,12 +2051,14 @@ create_filesystem_object(struct archive_ - /* EPERM is more appropriate than error_number for our callers */ - return (EPERM); - } -- r = check_symlinks_fsobj(linkname_copy, &error_number, &error_string, a->flags); -- if (r != ARCHIVE_OK) { -- archive_set_error(&a->archive, error_number, "%s", error_string.s); -- free(linkname_copy); -- /* EPERM is more appropriate than error_number for our callers */ -- return (EPERM); -+ if (a->flags & ARCHIVE_EXTRACT_SECURE_SYMLINKS) { -+ r = check_symlinks_fsobj(linkname_copy, &error_number, &error_string, a->flags); -+ if (r != ARCHIVE_OK) { -+ archive_set_error(&a->archive, error_number, "%s", error_string.s); -+ free(linkname_copy); -+ /* EPERM is more appropriate than error_number for our callers */ -+ return (EPERM); -+ } - } - free(linkname_copy); - r = link(linkname, a->name) ? errno : 0; diff --git a/libarchive-3.2.2.tar.gz b/libarchive-3.2.2.tar.gz deleted file mode 100644 index dd0c074..0000000 --- a/libarchive-3.2.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:691c194ee132d1f0f7a42541f091db811bc2e56f7107e9121be2bc8c04f1060f -size 5458241 diff --git a/libarchive-3.3.1.tar.gz b/libarchive-3.3.1.tar.gz new file mode 100644 index 0000000..81327e9 --- /dev/null +++ b/libarchive-3.3.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:29ca5bd1624ca5a007aa57e16080262ab4379dbf8797f5c52f7ea74a3b0424e7 +size 6219943 diff --git a/libarchive.changes b/libarchive.changes index 97655c5..771baa5 100644 --- a/libarchive.changes +++ b/libarchive.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Mon Apr 3 14:44:27 UTC 2017 - adrian@suse.de + +- update to version 3.3.1 + * Security & Feature release + Details are not documented from upstream yet + ------------------------------------------------------------------- Fri Dec 2 13:37:54 UTC 2016 - adrian@suse.com diff --git a/libarchive.spec b/libarchive.spec index 0f8d645..a584265 100644 --- a/libarchive.spec +++ b/libarchive.spec @@ -1,7 +1,7 @@ # # spec file for package libarchive # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -33,7 +33,7 @@ %define libname libarchive%{somajor} Name: libarchive -Version: 3.2.2 +Version: 3.3.1 Release: 0 Summary: Creates and reads several different streaming archive formats License: BSD-2-Clause @@ -41,8 +41,6 @@ Group: Productivity/Archiving/Compression Url: http://www.libarchive.org/ Source0: http://www.libarchive.org/downloads/libarchive-%{version}.tar.gz Source1: baselibs.conf -# PATCH-FIX-OPENSUSE the problem is solved upstream different, but git master is too different atm. -Patch0: fix-extract-over-links.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: libacl-devel BuildRequires: libbz2-devel @@ -57,7 +55,6 @@ BuildRequires: libxml2-devel BuildRequires: pkg-config BuildRequires: xz-devel BuildRequires: zlib-devel -Patch1: libarchive-openssl.patch %description Libarchive is a programming library that can create and read several @@ -164,10 +161,6 @@ static library for libarchive %prep %setup -q -%patch0 -p1 -%if %{with openssl} -%patch1 -p0 -%endif %build %if !0%{?skip_autoreconf} @@ -187,7 +180,8 @@ sed -i -e "/HAVE_LZMA_STREAM_ENCODER_MT/d" config.h make %{?_smp_mflags} %check -make check +# test suite is a bit racy unfortunatly, so give it three attempts +make check || make check || make check %install %makeinstall From a6ec62ff8af718a88b91503571abd4fcadb227d0066d58799c02ef6cd98ebc3b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Tue, 18 Apr 2017 11:43:17 +0000 Subject: [PATCH 2/2] cleanup OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=70 --- libarchive-openssl.patch | 64 ---------------------------------------- libarchive.changes | 1 + 2 files changed, 1 insertion(+), 64 deletions(-) delete mode 100644 libarchive-openssl.patch diff --git a/libarchive-openssl.patch b/libarchive-openssl.patch deleted file mode 100644 index d50b3be..0000000 --- a/libarchive-openssl.patch +++ /dev/null @@ -1,64 +0,0 @@ -Index: libarchive/archive_digest.c -=================================================================== ---- libarchive/archive_digest.c.orig -+++ libarchive/archive_digest.c -@@ -207,6 +207,7 @@ __archive_nettle_md5final(archive_md5_ct - static int - __archive_openssl_md5init(archive_md5_ctx *ctx) - { -+ OPENSSL_config(NULL); - EVP_DigestInit(ctx, EVP_md5()); - return (ARCHIVE_OK); - } -@@ -359,6 +360,7 @@ __archive_nettle_ripemd160final(archive_ - static int - __archive_openssl_ripemd160init(archive_rmd160_ctx *ctx) - { -+ OPENSSL_config(NULL); - EVP_DigestInit(ctx, EVP_ripemd160()); - return (ARCHIVE_OK); - } -@@ -509,6 +511,7 @@ __archive_nettle_sha1final(archive_sha1_ - static int - __archive_openssl_sha1init(archive_sha1_ctx *ctx) - { -+ OPENSSL_config(NULL); - EVP_DigestInit(ctx, EVP_sha1()); - return (ARCHIVE_OK); - } -@@ -733,6 +736,7 @@ __archive_nettle_sha256final(archive_sha - static int - __archive_openssl_sha256init(archive_sha256_ctx *ctx) - { -+ OPENSSL_config(NULL); - EVP_DigestInit(ctx, EVP_sha256()); - return (ARCHIVE_OK); - } -@@ -928,6 +932,7 @@ __archive_nettle_sha384final(archive_sha - static int - __archive_openssl_sha384init(archive_sha384_ctx *ctx) - { -+ OPENSSL_config(NULL); - EVP_DigestInit(ctx, EVP_sha384()); - return (ARCHIVE_OK); - } -@@ -1147,6 +1152,7 @@ __archive_nettle_sha512final(archive_sha - static int - __archive_openssl_sha512init(archive_sha512_ctx *ctx) - { -+ OPENSSL_config(NULL); - EVP_DigestInit(ctx, EVP_sha512()); - return (ARCHIVE_OK); - } -Index: libarchive/archive_cryptor_private.h -=================================================================== ---- libarchive/archive_cryptor_private.h.orig -+++ libarchive/archive_cryptor_private.h -@@ -100,6 +100,7 @@ typedef struct { - - #elif defined(HAVE_LIBCRYPTO) - #include -+#include - #define AES_BLOCK_SIZE 16 - #define AES_MAX_KEY_SIZE 32 - diff --git a/libarchive.changes b/libarchive.changes index 771baa5..c8de9dd 100644 --- a/libarchive.changes +++ b/libarchive.changes @@ -4,6 +4,7 @@ Mon Apr 3 14:44:27 UTC 2017 - adrian@suse.de - update to version 3.3.1 * Security & Feature release Details are not documented from upstream yet + fix-extract-over-links.patch and libarchive-openssl.patch obsoleted ------------------------------------------------------------------- Fri Dec 2 13:37:54 UTC 2016 - adrian@suse.com