Accepting request 635701 from Archiving

(the missing patch check should really become a source service
 validation instead of a request review IMHO)

- update to version 3.3.3
  * Avoid super-linear slowdown on malformed mtree files
  * Many fixes for building with Visual Studio
  * NO_OVERWRITE doesn't change existing directory attributes
  * New support for Zstandard read and write filters
- fix-CVE-2017-14166.patch is obsolete

OBS-URL: https://build.opensuse.org/request/show/635701
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=30

fix-CVE-2017-14166.patch

@@ -1,32 +0,0 @@
-commit fa7438a0ff4033e4741c807394a9af6207940d71
-Author: Joerg Sonnenberger <joerg@bec.de>
-Date:   Tue Sep 5 18:12:19 2017 +0200
-
-    Do something sensible for empty strings to make fuzzers happy.
-
-diff --git a/libarchive/archive_read_support_format_xar.c b/libarchive/archive_read_support_format_xar.c
-index 7a22beb9..93eeacc5 100644
---- a/libarchive/archive_read_support_format_xar.c
-+++ b/libarchive/archive_read_support_format_xar.c
-@@ -1040,6 +1040,9 @@ atol10(const char *p, size_t char_cnt)
- 	uint64_t l;
- 	int digit;
- 
-+	if (char_cnt == 0)
-+		return (0);
-+
- 	l = 0;
- 	digit = *p - '0';
- 	while (digit >= 0 && digit < 10  && char_cnt-- > 0) {
-@@ -1054,7 +1057,10 @@ atol8(const char *p, size_t char_cnt)
- {
- 	int64_t l;
- 	int digit;
--        
-+
-+	if (char_cnt == 0)
-+		return (0);
-+
- 	l = 0;
- 	while (char_cnt-- > 0) {
- 		if (*p >= '0' && *p <= '7')

libarchive-3.3.2.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:ed2dbd6954792b2c054ccf8ec4b330a54b85904a80cef477a1c74643ddafa0ce
-size 6236562

libarchive-3.3.3.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ba7eb1781c9fbbae178c4c6bad1c6eb08edab9a1496c64833d1715d022b30e2e
+size 6535598

libarchive.changes

@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Fri Sep 14 06:57:14 UTC 2018 - Adrian Schröter <adrian@suse.de>
+
+- update to version 3.3.3
+  * Avoid super-linear slowdown on malformed mtree files
+  * Many fixes for building with Visual Studio
+  * NO_OVERWRITE doesn't change existing directory attributes
+  * New support for Zstandard read and write filters
+- fix-CVE-2017-14166.patch is obsolete
+
 -------------------------------------------------------------------
 Thu Sep  7 07:05:15 UTC 2017 - adrian@suse.de
 

libarchive.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package libarchive
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
 
@@ -33,7 +33,7 @@
 %define libname libarchive%{somajor}
 
 Name:           libarchive
-Version:        3.3.2
+Version:        3.3.3
 Release:        0
 Summary:        Creates and reads several different streaming archive formats
 License:        BSD-2-Clause
@@ -41,7 +41,6 @@ Group:          Productivity/Archiving/Compression
 Url:            http://www.libarchive.org/
 Source0:        http://www.libarchive.org/downloads/libarchive-%{version}.tar.gz
 Source1:        baselibs.conf
-Patch1:         fix-CVE-2017-14166.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  libacl-devel
 BuildRequires:  libbz2-devel
@@ -162,7 +161,6 @@ static library for libarchive
 
 %prep
 %setup -q
-%patch1 -p1
 
 %build
 %if !0%{?skip_autoreconf}