Commit Graph

73 Commits

Author SHA256 Message Date
Martin Pluskal
ac24f0abfe Accepting request 1044376 from home:dirkmueller:Factory
- update to 3.6.2 (bsc#1205629, CVE-2022-36227)
  * NULL pointer dereference vulnerability in archive_write.c 
  * include ZSTD in Windows builds (#1688)
  * SSL fixes on Windows (#1714, #1723, #1724)
  * rar5 reader: fix possible garbled output with bsdtar -O (#1745)
  * mtree reader: support reading mtree files with tabs (#1783)
  * various small fixes for issues found by CodeQL

OBS-URL: https://build.opensuse.org/request/show/1044376
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=114
2022-12-27 13:39:02 +00:00
eda2f97516 Accepting request 967884 from home:dirkmueller:Factory
- update to 3.6.1:
  * 7zip reader: fix PPMD read beyond boundary (#1671)
  * ZIP reader: fix possible out of bounds read (OSS-Fuzz 38766 #1672)
  * ISO reader: fix possible heap buffer overflow in read_children() (OSS-Fuzz 38764, #1685)
  * RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in libarchive 3.6.0)
  * fix heap use after free in archive_read_format_rar_read_data() (OSS-Fuzz 44547, 52efa50)
  * fix null dereference in read_data_compressed() (OSS-Fuzz 44843, 1271f77)
  * fix heap user after free in run_filters() (OSS-Fuzz 46279, #1715)

OBS-URL: https://build.opensuse.org/request/show/967884
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=112
2022-04-11 06:54:47 +00:00
2341bd7a2f Accepting request 957430 from home:susnux:branches:Archiving
Update to 3.6.0
Fix use-after-free bug (CVE-2021-36976)

OBS-URL: https://build.opensuse.org/request/show/957430
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=110
2022-03-03 12:36:53 +00:00
c4c3f5a330 comment fix
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=109
2021-11-29 10:08:42 +00:00
9ce8dbc65f update
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=108
2021-11-29 09:01:16 +00:00
48f19b8354 Accepting request 930015 from home:AndreasStieger:branches:Archiving
libarchive 3.5.2 boo#1192425 boo#1192426 boo#1192427

OBS-URL: https://build.opensuse.org/request/show/930015
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=107
2021-11-08 07:20:02 +00:00
d83a603d19 Accepting request 860776 from home:dirkmueller:branches:Archiving
- update to 3.5.1:
  * various compilation fixes (#1461, #1462, #1463, #1464)
  * fixed undefined behavior in a function in warc reader (#1465)

OBS-URL: https://build.opensuse.org/request/show/860776
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=105
2021-01-12 08:32:24 +00:00
93158127b7 Accepting request 852309 from home:namtrac:branches:Archiving
- Update to version 3.5.0
  New features:
  * mtree digest reader support (#1347)
  * completed support for UTF-8 encoding conversion (#1389)
  * minor API enhancements (#1258, #1405)
  * support for system extended attributes (#1409)
  * support for decompression of symbolic links in zipx archives (#1435)
  Important bugfixes
  * fixed extraction of archives with hard links pointing to itself (#1381)
  * cpio fixes (#1387, #1388)
  * fixed uninitialized size in rar5_read_data (#1408)
  * fixed memory leaks in error case of archive_write_open() functions (#1456)
- Drop libarchive-3.4.3-fix_test_write_disk_secure.patch, fixed upstream.

OBS-URL: https://build.opensuse.org/request/show/852309
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=103
2020-12-04 14:03:32 +00:00
d3521d6af2 Accepting request 832835 from home:AndreasStieger:branches:Archiving
fix build with binutils submitted to Factory

OBS-URL: https://build.opensuse.org/request/show/832835
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=101
2020-09-08 07:05:14 +00:00
768fafe6d8 Accepting request 807429 from home:namtrac:branches:Archiving
- Update to version 3.4.3
  * support for pzstd compressed files (#1357)
  * support for RHT.security.selinux tar extended attribute (#1348)
  * various zstd fixes and improvements (#1342 #1352 #1359)
  * child process handling fixes (#1372)

OBS-URL: https://build.opensuse.org/request/show/807429
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=99
2020-05-20 07:01:10 +00:00
5075323f16 Accepting request 776242 from home:namtrac:branches:Archiving
- Switch back to cmake build now that cmake-mini exists, this will
  no longer create a build-cycle.

OBS-URL: https://build.opensuse.org/request/show/776242
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=97
2020-02-19 10:15:38 +00:00
c548fd5003 Accepting request 774886 from home:namtrac:branches:Archiving
including CVE-2019-18408
- Fixes CVE-2017-14501, CVE-2017-14502, CVE-2017-14503

OBS-URL: https://build.opensuse.org/request/show/774886
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=95
2020-02-18 08:46:15 +00:00
Martin Pluskal
6447e5d152 Accepting request 773614 from home:namtrac:branches:Archiving
- Update to version 3.4.2
  New features:
  * support for atomic file extraction (bsdtar -x --safe-writes) (#1289)
  * support for mbed TLS (PolarSSL) (#1301)
  Important bugfixes:
  * security fixes in RAR5 reader (#1280 #1326)
  * compression buffer fix in XAR writer (#1317)
  * fix uname and gname longer than 32 characters in PAX writer (#1319)
  * fix segfault when archiving hard links in ISO9660 and XAR writers (#1325)
  * fix support for extracting 7z archive entries with Delta filter (#987)

OBS-URL: https://build.opensuse.org/request/show/773614
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=93
2020-02-12 08:42:32 +00:00
Martin Pluskal
8d8d3afe6b Accepting request 760008 from home:namtrac:branches:Archiving
- Revert back to autoconf, cmake introduces a cycle. Leave cmake
  patches in since they are basically correct and might be useful
  in the future.

- Update to version 3.4.1
  New features:
  * Unicode filename support for reading lha/lzh archives
  * New pax write option "xattrhdr"
  Important bugfixes:
  * security fixes in wide string processing (#1276 #1298)
  * security fixes in RAR5 reader (#1212 #1217 #1296) CVE-2019-19221
  * security fixes and optimizations to write filter logic (#351)
  * security fix related to use of readlink(2) (1dae5a5)
  * sparse file handling fixes (#1218 #1260)
- Drop CVE-2019-19221.patch and fix-zstd-test.patch, fixed upstream

  CVE-2019-19221.patch out-of-bounds read in libarchive

OBS-URL: https://build.opensuse.org/request/show/760008
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=91
2019-12-31 08:23:29 +00:00
9d7341ca2a fix
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=90
2019-11-22 13:20:39 +00:00
b4a8d0f3ab Accepting request 724492 from home:namtrac:branches:Archiving
- Switch to cmake build 
- Add lib-suffix.patch to honor LIB_SUFFIX
- Add fix-zstd-test.patch to fix zstd test
- Add fix-soversion.patch to fix the soversion to 13 as autotools

OBS-URL: https://build.opensuse.org/request/show/724492
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=89
2019-08-22 07:41:07 +00:00
Martin Pluskal
edfffe5861 Accepting request 711098 from home:namtrac:branches:Archiving
- Add lz4 and zstd support
- Add BuildRequires on liblz4-devel and libzstd-devel

OBS-URL: https://build.opensuse.org/request/show/711098
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=88
2019-06-20 13:43:11 +00:00
afb0de5939 Accepting request 709701 from home:namtrac:branches:Archiving
- Add libarchive.keyring and validate the tarball signature

OBS-URL: https://build.opensuse.org/request/show/709701
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=86
2019-06-13 09:45:04 +00:00
901ee0d552 Accepting request 709686 from home:namtrac:branches:Archiving
- Update to version 3.4.0
  * Support for file and directory symlinks on Windows
  * Read support for RAR 5.0 archives
  * Read support for ZIPX archives with xz, lzma, ppmd8 and
    bzip2 compression
  * Support for non-recursive list and extract
  * New tar option: --exclude-vcs
  * Improved file attribute support on Linux and file flags support
    on FreeBSD
  * Fix reading Android APK archives (#1055 )
  * Fix problems related to unreadable directories (#1167)
  * A two-digit number of OSS-Fuzz issues was resolved in this release
- Drop all security patches, fixed upstream:
  * CVE-2018-1000877.patch
  * CVE-2018-1000878.patch
  * CVE-2018-1000879.patch
  * CVE-2018-1000880.patch
  * CVE-2019-1000019.patch
  * CVE-2019-1000020.patch

OBS-URL: https://build.opensuse.org/request/show/709686
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=85
2019-06-13 08:50:06 +00:00
f3cb9ea74a fixing
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=83
2019-02-05 15:18:54 +00:00
d0395584d2 fix
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=82
2019-02-05 15:17:56 +00:00
Martin Pluskal
c118cad477 Accepting request 662692 from home:kbabioch:branches:Archiving
- Added patches:
  * CVE-2018-1000877.patch, which fixes a double free vulnerability in RAR
    decoder (CVE-2018-1000877 bsc#1120653)
  * CVE-2018-1000878.patch, which fixes a Use-After-Free vulnerability in RAR
    decoder (CVE-2018-1000878 bsc#1120654)
  * CVE-2018-1000879.patch, which fixes a NULL Pointer Dereference
    vulnerability in ACL parser (CVE-2018-1000879 bsc#1120656)
  * CVE-2018-1000880.patch, which fixes an improper input validation
    vulnerability in WARC parser (CVE-2018-1000880 bsc#1120659)
- Make use of %license macro
- Applied spec-cleaner

OBS-URL: https://build.opensuse.org/request/show/662692
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=80
2019-01-04 08:14:08 +00:00
06d8f80ff8 Accepting request 636283 from home:jengelh:branches:Archiving
- Fix RPM groups. Remove idempotent %if..%endif guards.
  Diversify summaries. Set CFLAGS instead of re-defining
  optflags with itself.

OBS-URL: https://build.opensuse.org/request/show/636283
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=77
2018-09-18 07:41:19 +00:00
3effff948a bah
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=76
2018-09-14 09:06:05 +00:00
123bd9a659 update
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=75
2018-09-14 06:58:06 +00:00
13cbf5d89f idiotic
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=73
2017-09-07 07:36:27 +00:00
fece4d03d8 update
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=72
2017-09-07 07:08:13 +00:00
a6ec62ff8a cleanup
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=70
2017-04-18 11:43:17 +00:00
b4b0368c56 Accepting request 485188 from OBS:Server:Unstable
version update

OBS-URL: https://build.opensuse.org/request/show/485188
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=69
2017-04-04 11:40:47 +00:00
9e4730ab62 Accepting request 443193 from OBS:Server:Unstable
fix

OBS-URL: https://build.opensuse.org/request/show/443193
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=67
2016-12-02 13:53:54 +00:00
cdb2c644e6 minor changelog improvement
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=66
2016-11-25 08:40:23 +00:00
102c3443fc fix file list
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=64
2016-10-26 09:45:51 +00:00
7ce5328b34 go
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=63
2016-10-26 09:37:33 +00:00
71583be8c6 try
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=62
2016-10-26 09:33:16 +00:00
Martin Pluskal
650a5ffa5d Accepting request 414767 from home:dirkmueller:branches:Archiving
- make bsdtar require a matching libarchive version to avoid
  missing symbol errors

OBS-URL: https://build.opensuse.org/request/show/414767
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=60
2016-07-23 22:57:13 +00:00
1a33bca786 grr
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=58
2016-06-21 12:26:26 +00:00
954786f5b4 add changes
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=57
2016-06-21 12:21:08 +00:00
378715dd5c Just to have it in devel package, misses documentation about security issues in changes file for submission to factory
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=56
2016-06-21 06:17:54 +00:00
01c2b1b9c1 fix
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=55
2016-06-17 13:32:43 +00:00
c288b9d2c3 Accepting request 402699 from OBS:Server:Unstable
- limit size of symlinks in cpio archives (CVE-2016-4809, boo#984990)

OBS-URL: https://build.opensuse.org/request/show/402699
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=54
2016-06-16 09:59:00 +00:00
682182a4ce add comment
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=52
2016-05-09 09:15:56 +00:00
ac718122e0 fix
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=51
2016-05-09 09:08:59 +00:00
41e9547100 try again
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=50
2016-05-09 08:53:58 +00:00
ca33898948 update
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=49
2016-05-09 08:44:55 +00:00
Martin Pluskal
3a83d421c3 Accepting request 394051 from home:michel_mno:branches:Archiving
- add _constraints memory 4096MB to avoid ppc64le build failure
  as reported in Ring1

OBS-URL: https://build.opensuse.org/request/show/394051
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=48
2016-05-06 16:39:34 +00:00
bf8c5bb5d4 Accepting request 332120 from home:AndreasStieger:branches:Archiving
build static lib on RHEL 7

OBS-URL: https://build.opensuse.org/request/show/332120
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=46
2015-09-20 07:33:41 +00:00
Martin Pluskal
2c2b3a24d4 Accepting request 292353 from home:AndreasStieger:branches:Archiving
RHEL/CentOS build fix, skipping autoreconf

OBS-URL: https://build.opensuse.org/request/show/292353
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=44
2015-03-22 20:10:33 +00:00
Martin Pluskal
3c5e87f657 Accepting request 290893 from home:AndreasStieger:branches:Archiving2
- add CVE for previous change

OBS-URL: https://build.opensuse.org/request/show/290893
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=42
2015-03-15 20:51:53 +00:00
dbc2e0cbcd grrr
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=40
2015-03-05 14:42:28 +00:00
cbf2072029 comments
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=39
2015-03-05 14:37:18 +00:00