Commit Graph

123 Commits

Author SHA256 Message Date
Dominique Leuenberger
1fcf484c8b Accepting request 1172240 from Archiving
OBS-URL: https://build.opensuse.org/request/show/1172240
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=50
2024-05-07 16:02:41 +00:00
Martin Pluskal
9942b8eaa6 Accepting request 1170930 from home:dspinella:branches:Archiving
- Update to 3.7.4:
    * rar: Fix OOB in rar e8 filter (CVE-2024-26256, bsc#1222911)
    * zip: Fix out of boundary access
    * 7zip: Limit amount of properties
    * bsdtar: Fix error handling around strtol() usages
    * passphrase: Improve newline handling on Windows
    * passphrase: Never allow empty passwords
    * rar: Fix "File CRC Error" when extracting specific rar4 archives
    * xar: Avoid infinite link loop
    * zip: Update AppleDouble support for directories
    * zstd: Implement core detection
- Update to 3.7.3:
    * PCRE2 support
    * add trailing letter b to bsdtar(1) substitute pattern
    * add support for long options "--group" and "--owner" to tar(1)
    * Fix possible vulnerability in tar error reporting introduced in f27c173
    * ISO9660: preserve the natural order of links
    * rar5: fix decoding unicode filenames on Windows
    * rar5: fix infinite loop if during rar5 decompression the last block produced no data
    * xz filter: fix incorrect eof at the end of an lzip member
    * zip: fix end-of-data marker processing when decompressing zip archives
    * multiple bsdunzip(1) fixes
    * filetime truncation fix on Windows
- Fix rpmlint warning about summary being too long

OBS-URL: https://build.opensuse.org/request/show/1170930
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=122
2024-05-06 17:12:38 +00:00
Dominique Leuenberger
824dc2deb2 Accepting request 1135735 from Archiving
OBS-URL: https://build.opensuse.org/request/show/1135735
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=49
2024-01-04 14:57:03 +00:00
Martin Pluskal
c9e103d848 Accepting request 1135701 from home:dirkmueller:Factory
- skip write tests on 32bit, they OOM

OBS-URL: https://build.opensuse.org/request/show/1135701
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=120
2023-12-30 07:16:07 +00:00
Martin Pluskal
a98beefcf3 Accepting request 1132047 from home:yfjiang:branches:Archiving
Sync changelog with Leap/SLE.

OBS-URL: https://build.opensuse.org/request/show/1132047
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=119
2023-12-12 10:02:48 +00:00
Martin Pluskal
03543ced18 Accepting request 1111737 from home:dirkmueller:Factory
- update to 3.7.2:
  * Multiple vulnerabilities have been fixed in the PAX writer
  * bsdunzip(1) now correctly handles arguments following an
    -x after the zipfile
  * zstd filter now supports the "long" write option
  * SEGV and stack buffer overflow in verbose mode of cpio
  * bsdunzip updated to match latest upstream code
  * miscellaneous functional bugfixes

  * NULL pointer dereference vulnerability in archive_write.c
  * fix heap user after free in run_filters() (OSS-Fuzz 46279, #1715)
  * ZIP reader: Support of deflate algorithm in symbolic link decompression
- Switch to cmake build
- libarchive-xattr.patch, fix subtle wrong library check
- libarchive-openssl.patch: Call OPENSSL_config where needed,
  otherwise on systems configured to use openSSL engines such
  This is a maintenance update to fix issues with the new RAR
- Enforce usage of reentrant versions of libc functions
- fix failed tests on ppc
- Use %makeinstall to be SLES compatible
- For SLES11 work around missing rpm macro
- Add suport for xz and xar archives
- Add libarchive-2.8.4-iso9660-data-types.patch:
- fix dependency of devel package
- remove minitar objects (leave binary there for now)

OBS-URL: https://build.opensuse.org/request/show/1111737
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=118
2023-10-03 08:18:10 +00:00
Ana Guerrero
77dadacc4b Accepting request 1100374 from Archiving
- update to 3.7.0
  * bsdunzip port from FreeBSD
  * fix 2 year 2038 issues

OBS-URL: https://build.opensuse.org/request/show/1100374
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=48
2023-07-25 09:22:52 +00:00
79c72dadd1 Accepting request 1100254 from home:bmwiedemann:branches:Archiving
update to 3.7.0
  * bsdunzip port from FreeBSD
  * fix 2 year 2038 issues

OBS-URL: https://build.opensuse.org/request/show/1100254
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=116
2023-07-24 11:39:13 +00:00
Dominique Leuenberger
dd8b3cf25b Accepting request 1045504 from Archiving
OBS-URL: https://build.opensuse.org/request/show/1045504
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=47
2022-12-29 12:08:44 +00:00
Martin Pluskal
ac24f0abfe Accepting request 1044376 from home:dirkmueller:Factory
- update to 3.6.2 (bsc#1205629, CVE-2022-36227)
  * NULL pointer dereference vulnerability in archive_write.c 
  * include ZSTD in Windows builds (#1688)
  * SSL fixes on Windows (#1714, #1723, #1724)
  * rar5 reader: fix possible garbled output with bsdtar -O (#1745)
  * mtree reader: support reading mtree files with tabs (#1783)
  * various small fixes for issues found by CodeQL

OBS-URL: https://build.opensuse.org/request/show/1044376
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=114
2022-12-27 13:39:02 +00:00
Dominique Leuenberger
02bc99e59a Accepting request 968364 from Archiving
OBS-URL: https://build.opensuse.org/request/show/968364
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=46
2022-04-13 19:03:58 +00:00
eda2f97516 Accepting request 967884 from home:dirkmueller:Factory
- update to 3.6.1:
  * 7zip reader: fix PPMD read beyond boundary (#1671)
  * ZIP reader: fix possible out of bounds read (OSS-Fuzz 38766 #1672)
  * ISO reader: fix possible heap buffer overflow in read_children() (OSS-Fuzz 38764, #1685)
  * RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in libarchive 3.6.0)
  * fix heap use after free in archive_read_format_rar_read_data() (OSS-Fuzz 44547, 52efa50)
  * fix null dereference in read_data_compressed() (OSS-Fuzz 44843, 1271f77)
  * fix heap user after free in run_filters() (OSS-Fuzz 46279, #1715)

OBS-URL: https://build.opensuse.org/request/show/967884
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=112
2022-04-11 06:54:47 +00:00
Dominique Leuenberger
98f4e798bd Accepting request 958752 from Archiving
OBS-URL: https://build.opensuse.org/request/show/958752
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=45
2022-03-05 13:43:48 +00:00
2341bd7a2f Accepting request 957430 from home:susnux:branches:Archiving
Update to 3.6.0
Fix use-after-free bug (CVE-2021-36976)

OBS-URL: https://build.opensuse.org/request/show/957430
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=110
2022-03-03 12:36:53 +00:00
Dominique Leuenberger
3bba2cb491 Accepting request 934501 from Archiving
- fix permission settings on following symlinks (fix-following-symlinks.patch)
  this fixes also wrong permissions of /var/tmp in factory systems

OBS-URL: https://build.opensuse.org/request/show/934501
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=44
2021-12-01 19:46:47 +00:00
c4c3f5a330 comment fix
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=109
2021-11-29 10:08:42 +00:00
9ce8dbc65f update
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=108
2021-11-29 09:01:16 +00:00
Dominique Leuenberger
c2e21d1da4 Accepting request 930071 from Archiving
OBS-URL: https://build.opensuse.org/request/show/930071
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=43
2021-11-10 20:45:40 +00:00
48f19b8354 Accepting request 930015 from home:AndreasStieger:branches:Archiving
libarchive 3.5.2 boo#1192425 boo#1192426 boo#1192427

OBS-URL: https://build.opensuse.org/request/show/930015
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=107
2021-11-08 07:20:02 +00:00
Dominique Leuenberger
908ec0ec72 Accepting request 862536 from Archiving
OBS-URL: https://build.opensuse.org/request/show/862536
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=42
2021-01-14 14:04:34 +00:00
d83a603d19 Accepting request 860776 from home:dirkmueller:branches:Archiving
- update to 3.5.1:
  * various compilation fixes (#1461, #1462, #1463, #1464)
  * fixed undefined behavior in a function in warc reader (#1465)

OBS-URL: https://build.opensuse.org/request/show/860776
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=105
2021-01-12 08:32:24 +00:00
Dominique Leuenberger
4a2eb8dd65 Accepting request 853109 from Archiving
OBS-URL: https://build.opensuse.org/request/show/853109
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=41
2020-12-05 19:35:44 +00:00
93158127b7 Accepting request 852309 from home:namtrac:branches:Archiving
- Update to version 3.5.0
  New features:
  * mtree digest reader support (#1347)
  * completed support for UTF-8 encoding conversion (#1389)
  * minor API enhancements (#1258, #1405)
  * support for system extended attributes (#1409)
  * support for decompression of symbolic links in zipx archives (#1435)
  Important bugfixes
  * fixed extraction of archives with hard links pointing to itself (#1381)
  * cpio fixes (#1387, #1388)
  * fixed uninitialized size in rar5_read_data (#1408)
  * fixed memory leaks in error case of archive_write_open() functions (#1456)
- Drop libarchive-3.4.3-fix_test_write_disk_secure.patch, fixed upstream.

OBS-URL: https://build.opensuse.org/request/show/852309
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=103
2020-12-04 14:03:32 +00:00
Dominique Leuenberger
4897bdedd3 Accepting request 832905 from Archiving
OBS-URL: https://build.opensuse.org/request/show/832905
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=40
2020-09-10 20:46:16 +00:00
d3521d6af2 Accepting request 832835 from home:AndreasStieger:branches:Archiving
fix build with binutils submitted to Factory

OBS-URL: https://build.opensuse.org/request/show/832835
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=101
2020-09-08 07:05:14 +00:00
Yuchen Lin
486ccc073f Accepting request 807454 from Archiving
OBS-URL: https://build.opensuse.org/request/show/807454
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=39
2020-05-26 15:13:44 +00:00
768fafe6d8 Accepting request 807429 from home:namtrac:branches:Archiving
- Update to version 3.4.3
  * support for pzstd compressed files (#1357)
  * support for RHT.security.selinux tar extended attribute (#1348)
  * various zstd fixes and improvements (#1342 #1352 #1359)
  * child process handling fixes (#1372)

OBS-URL: https://build.opensuse.org/request/show/807429
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=99
2020-05-20 07:01:10 +00:00
Dominique Leuenberger
54e6d6a673 Accepting request 776266 from Archiving
OBS-URL: https://build.opensuse.org/request/show/776266
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=38
2020-02-24 14:49:51 +00:00
5075323f16 Accepting request 776242 from home:namtrac:branches:Archiving
- Switch back to cmake build now that cmake-mini exists, this will
  no longer create a build-cycle.

OBS-URL: https://build.opensuse.org/request/show/776242
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=97
2020-02-19 10:15:38 +00:00
Dominique Leuenberger
e2c7217313 Accepting request 775062 from Archiving
OBS-URL: https://build.opensuse.org/request/show/775062
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=37
2020-02-18 09:35:32 +00:00
c548fd5003 Accepting request 774886 from home:namtrac:branches:Archiving
including CVE-2019-18408
- Fixes CVE-2017-14501, CVE-2017-14502, CVE-2017-14503

OBS-URL: https://build.opensuse.org/request/show/774886
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=95
2020-02-18 08:46:15 +00:00
Dominique Leuenberger
7ca4b2f8a4 Accepting request 773616 from Archiving
OBS-URL: https://build.opensuse.org/request/show/773616
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=36
2020-02-15 21:24:41 +00:00
Martin Pluskal
6447e5d152 Accepting request 773614 from home:namtrac:branches:Archiving
- Update to version 3.4.2
  New features:
  * support for atomic file extraction (bsdtar -x --safe-writes) (#1289)
  * support for mbed TLS (PolarSSL) (#1301)
  Important bugfixes:
  * security fixes in RAR5 reader (#1280 #1326)
  * compression buffer fix in XAR writer (#1317)
  * fix uname and gname longer than 32 characters in PAX writer (#1319)
  * fix segfault when archiving hard links in ISO9660 and XAR writers (#1325)
  * fix support for extracting 7z archive entries with Delta filter (#987)

OBS-URL: https://build.opensuse.org/request/show/773614
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=93
2020-02-12 08:42:32 +00:00
Dominique Leuenberger
07d0e8589e Accepting request 760140 from Archiving
OBS-URL: https://build.opensuse.org/request/show/760140
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=35
2020-01-01 13:58:28 +00:00
Martin Pluskal
8d8d3afe6b Accepting request 760008 from home:namtrac:branches:Archiving
- Revert back to autoconf, cmake introduces a cycle. Leave cmake
  patches in since they are basically correct and might be useful
  in the future.

- Update to version 3.4.1
  New features:
  * Unicode filename support for reading lha/lzh archives
  * New pax write option "xattrhdr"
  Important bugfixes:
  * security fixes in wide string processing (#1276 #1298)
  * security fixes in RAR5 reader (#1212 #1217 #1296) CVE-2019-19221
  * security fixes and optimizations to write filter logic (#351)
  * security fix related to use of readlink(2) (1dae5a5)
  * sparse file handling fixes (#1218 #1260)
- Drop CVE-2019-19221.patch and fix-zstd-test.patch, fixed upstream

  CVE-2019-19221.patch out-of-bounds read in libarchive

OBS-URL: https://build.opensuse.org/request/show/760008
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=91
2019-12-31 08:23:29 +00:00
9d7341ca2a fix
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=90
2019-11-22 13:20:39 +00:00
b4a8d0f3ab Accepting request 724492 from home:namtrac:branches:Archiving
- Switch to cmake build 
- Add lib-suffix.patch to honor LIB_SUFFIX
- Add fix-zstd-test.patch to fix zstd test
- Add fix-soversion.patch to fix the soversion to 13 as autotools

OBS-URL: https://build.opensuse.org/request/show/724492
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=89
2019-08-22 07:41:07 +00:00
Martin Pluskal
edfffe5861 Accepting request 711098 from home:namtrac:branches:Archiving
- Add lz4 and zstd support
- Add BuildRequires on liblz4-devel and libzstd-devel

OBS-URL: https://build.opensuse.org/request/show/711098
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=88
2019-06-20 13:43:11 +00:00
Dominique Leuenberger
00af0a8d38 Accepting request 709705 from Archiving
OBS-URL: https://build.opensuse.org/request/show/709705
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=34
2019-06-17 08:32:01 +00:00
afb0de5939 Accepting request 709701 from home:namtrac:branches:Archiving
- Add libarchive.keyring and validate the tarball signature

OBS-URL: https://build.opensuse.org/request/show/709701
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=86
2019-06-13 09:45:04 +00:00
901ee0d552 Accepting request 709686 from home:namtrac:branches:Archiving
- Update to version 3.4.0
  * Support for file and directory symlinks on Windows
  * Read support for RAR 5.0 archives
  * Read support for ZIPX archives with xz, lzma, ppmd8 and
    bzip2 compression
  * Support for non-recursive list and extract
  * New tar option: --exclude-vcs
  * Improved file attribute support on Linux and file flags support
    on FreeBSD
  * Fix reading Android APK archives (#1055 )
  * Fix problems related to unreadable directories (#1167)
  * A two-digit number of OSS-Fuzz issues was resolved in this release
- Drop all security patches, fixed upstream:
  * CVE-2018-1000877.patch
  * CVE-2018-1000878.patch
  * CVE-2018-1000879.patch
  * CVE-2018-1000880.patch
  * CVE-2019-1000019.patch
  * CVE-2019-1000020.patch

OBS-URL: https://build.opensuse.org/request/show/709686
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=85
2019-06-13 08:50:06 +00:00
Stephan Kulow
9eb5fb5014 Accepting request 671920 from Archiving
- Added patches:
  * CVE-2019-1000019.patch Fixes 7zip crash (boo#1124341)
  * CVE-2019-1000020.patch ISO9660 infinite loop fixed (boo#1124342)

OBS-URL: https://build.opensuse.org/request/show/671920
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=33
2019-02-08 12:47:20 +00:00
f3cb9ea74a fixing
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=83
2019-02-05 15:18:54 +00:00
d0395584d2 fix
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=82
2019-02-05 15:17:56 +00:00
Dominique Leuenberger
2edab333ae Accepting request 662755 from Archiving
OBS-URL: https://build.opensuse.org/request/show/662755
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=32
2019-01-11 12:59:52 +00:00
Martin Pluskal
c118cad477 Accepting request 662692 from home:kbabioch:branches:Archiving
- Added patches:
  * CVE-2018-1000877.patch, which fixes a double free vulnerability in RAR
    decoder (CVE-2018-1000877 bsc#1120653)
  * CVE-2018-1000878.patch, which fixes a Use-After-Free vulnerability in RAR
    decoder (CVE-2018-1000878 bsc#1120654)
  * CVE-2018-1000879.patch, which fixes a NULL Pointer Dereference
    vulnerability in ACL parser (CVE-2018-1000879 bsc#1120656)
  * CVE-2018-1000880.patch, which fixes an improper input validation
    vulnerability in WARC parser (CVE-2018-1000880 bsc#1120659)
- Make use of %license macro
- Applied spec-cleaner

OBS-URL: https://build.opensuse.org/request/show/662692
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=80
2019-01-04 08:14:08 +00:00
Dominique Leuenberger
3fcc2207ae Accepting request 637868 from Archiving
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/637868
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=31
2018-10-02 17:43:45 +00:00
Yuchen Lin
d74a03d6bf Accepting request 635701 from Archiving
(the missing patch check should really become a source service
 validation instead of a request review IMHO)

- update to version 3.3.3
  * Avoid super-linear slowdown on malformed mtree files
  * Many fixes for building with Visual Studio
  * NO_OVERWRITE doesn't change existing directory attributes
  * New support for Zstandard read and write filters
- fix-CVE-2017-14166.patch is obsolete

OBS-URL: https://build.opensuse.org/request/show/635701
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=30
2018-09-20 09:37:22 +00:00
06d8f80ff8 Accepting request 636283 from home:jengelh:branches:Archiving
- Fix RPM groups. Remove idempotent %if..%endif guards.
  Diversify summaries. Set CFLAGS instead of re-defining
  optflags with itself.

OBS-URL: https://build.opensuse.org/request/show/636283
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=77
2018-09-18 07:41:19 +00:00
3effff948a bah
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=76
2018-09-14 09:06:05 +00:00