Accepting request 1170930 from home:dspinella:branches:Archiving

- Update to 3.7.4:
    * rar: Fix OOB in rar e8 filter (CVE-2024-26256, bsc#1222911)
    * zip: Fix out of boundary access
    * 7zip: Limit amount of properties
    * bsdtar: Fix error handling around strtol() usages
    * passphrase: Improve newline handling on Windows
    * passphrase: Never allow empty passwords
    * rar: Fix "File CRC Error" when extracting specific rar4 archives
    * xar: Avoid infinite link loop
    * zip: Update AppleDouble support for directories
    * zstd: Implement core detection
- Update to 3.7.3:
    * PCRE2 support
    * add trailing letter b to bsdtar(1) substitute pattern
    * add support for long options "--group" and "--owner" to tar(1)
    * Fix possible vulnerability in tar error reporting introduced in f27c173
    * ISO9660: preserve the natural order of links
    * rar5: fix decoding unicode filenames on Windows
    * rar5: fix infinite loop if during rar5 decompression the last block produced no data
    * xz filter: fix incorrect eof at the end of an lzip member
    * zip: fix end-of-data marker processing when decompressing zip archives
    * multiple bsdunzip(1) fixes
    * filetime truncation fix on Windows
- Fix rpmlint warning about summary being too long

OBS-URL: https://build.opensuse.org/request/show/1170930
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=122

libarchive-3.7.2.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:04357661e6717b6941682cde02ad741ae4819c67a260593dfb2431861b251acb
-size 5237056

libarchive-3.7.2.tar.xz.asc

@@ -1,14 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQGzBAABCgAdFiEE2yx88bTCZfrvVuP8WEihi48UGEsFAmT/ktkACgkQWEihi48U
-GEuaGQwAys30icl3gHL4W1EBf63n2EtlEWUMy3pVab2ZO7eTYGO7slWygXYmfjTe
-WwkuIsBpfrH5fBsfMRq12WxXNKBQiTY0mwTH881H1kOXsLEbeFxlUZ5JRajTLa55
-UBy/u2MJZZHjvdUUJMJG8qTHUdbjquZkZUfMWJyd7jRz9UTez6SolayUzFx6Os/V
-MI0djMCQ+7FZecvA0+3AHiTsiAmK3+6upsJz2+KgczABlmFzQhcQ4y7ZdBzbSDTG
-AJ6yqivLC+6Kfe6Kph8Ci5VJ/EWkc9vdei0JxQDNT/ramrGuk+9XwEC8rdCLWr6x
-q8spjOHRPYf9wPeQXSEPuSkvFJIN6Y9EQ1KWHn2cYmBcr99C0iDVile0ztPO5SqX
-IAgLxnZo0WuVytR2gy+xMS7gLPOIMB6Zu6+ViWlhp0Uqlk0ypndFnTXnycVWbtz2
-iCSlAH7qikHt1MhbnbPILPhNS/8IScq6aiF2TPN+p9COnzy7Gnzi/IstlG8VM/cu
-njTFixjD
-=aLKb
------END PGP SIGNATURE-----

libarchive-3.7.4.tar.xz.asc

@@ -0,0 +1,14 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQGzBAABCgAdFiEE2yx88bTCZfrvVuP8WEihi48UGEsFAmYre4IACgkQWEihi48U
+GEvAuwwAmsnbql7+1CW9RuBHitOvHyIL6sHbjR0Hd3ruI9s3FMevMBzPjpb5MgOU
+/D+o0amv1Tv/QSJAid1siZIumgur2hzqglNMK5FkoajpZ1UjYASHHxFoh5qkRKvW
+Ws/ViXMVGB2DlyydzzjFwa0JAAK/IpD9uKPPr6rgt+cRBibkWXuJILbmzi/DF1XH
+zlp/5FGwzY4/zhqbXgz11ZhX3gacdLd68+xsYbSII2JvZ2yb2zsS+0ia3skUawEj
+QMKzdpErqO+RedsRiJG9fjA65Q1hKWpMoWMuKZWLX+v0iv/OHv57RzLelmPy6Ohw
+0/PwCHFzFmOfu2LZd+mCWsrYaBrezGJq9tm+pAsCXSxcj3LuQwZ6d8/wgtS5CeNE
++LoHCbzAcI5WiyU3wbw1qvulVDewL+j0rQoj23Lj2z9ry2K94NMpYji3JMkWI8dS
+QXitZd29uZ9l5Jf5Kz9BLHOoO1Q8bEOGB33dLpT+UIjFoJ6wqxNXef6OAECoHGH0
+OnEtTuAX
+=kNTk
+-----END PGP SIGNATURE-----

libarchive.changes

@@ -1,3 +1,31 @@
+-------------------------------------------------------------------
+Tue Apr 30 08:05:28 UTC 2024 - Danilo Spinella <danilo.spinella@suse.com>
+
+- Update to 3.7.4:
+    * rar: Fix OOB in rar e8 filter (CVE-2024-26256, bsc#1222911)
+    * zip: Fix out of boundary access
+    * 7zip: Limit amount of properties
+    * bsdtar: Fix error handling around strtol() usages
+    * passphrase: Improve newline handling on Windows
+    * passphrase: Never allow empty passwords
+    * rar: Fix "File CRC Error" when extracting specific rar4 archives
+    * xar: Avoid infinite link loop
+    * zip: Update AppleDouble support for directories
+    * zstd: Implement core detection
+- Update to 3.7.3:
+    * PCRE2 support
+    * add trailing letter b to bsdtar(1) substitute pattern
+    * add support for long options "--group" and "--owner" to tar(1)
+    * Fix possible vulnerability in tar error reporting introduced in f27c173
+    * ISO9660: preserve the natural order of links
+    * rar5: fix decoding unicode filenames on Windows
+    * rar5: fix infinite loop if during rar5 decompression the last block produced no data
+    * xz filter: fix incorrect eof at the end of an lzip member
+    * zip: fix end-of-data marker processing when decompressing zip archives
+    * multiple bsdunzip(1) fixes
+    * filetime truncation fix on Windows
+- Fix rpmlint warning about summary being too long
+
 -------------------------------------------------------------------
 Fri Dec 29 18:39:00 UTC 2023 - Dirk Müller <dmueller@suse.com>
 

libarchive.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package libarchive
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -30,9 +30,9 @@
 %bcond_without	ext2fs
 %endif
 Name:           libarchive
-Version:        3.7.2
+Version:        3.7.4
 Release:        0
-Summary:        Utility and C library to create and read several different streaming archive formats
+Summary:        Utility and C library to create and read several streaming archive formats
 License:        BSD-2-Clause
 Group:          Productivity/Archiving/Compression
 URL:            https://www.libarchive.org/