From c548fd5003dcfd38d3f9a983c406eccc5a03dd2197987613754363ba85c7bf38 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Tue, 18 Feb 2020 08:46:15 +0000 Subject: [PATCH] Accepting request 774886 from home:namtrac:branches:Archiving including CVE-2019-18408 - Fixes CVE-2017-14501, CVE-2017-14502, CVE-2017-14503 OBS-URL: https://build.opensuse.org/request/show/774886 OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=95 --- libarchive.changes | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libarchive.changes b/libarchive.changes index 06e9af7..ba7821f 100644 --- a/libarchive.changes +++ b/libarchive.changes @@ -69,6 +69,7 @@ Thu Jun 13 08:00:36 UTC 2019 - Ismail Dönmez * Fix reading Android APK archives (#1055 ) * Fix problems related to unreadable directories (#1167) * A two-digit number of OSS-Fuzz issues was resolved in this release + including CVE-2019-18408 - Add libarchive.keyring and validate the tarball signature - Drop all security patches, fixed upstream: * CVE-2018-1000877.patch @@ -115,6 +116,7 @@ Fri Sep 14 06:57:14 UTC 2018 - Adrian Schröter * Many fixes for building with Visual Studio * NO_OVERWRITE doesn't change existing directory attributes * New support for Zstandard read and write filters +- Fixes CVE-2017-14501, CVE-2017-14502, CVE-2017-14503 - fix-CVE-2017-14166.patch is obsolete -------------------------------------------------------------------