Commit Graph

3 Commits

Author SHA256 Message Date
Martin Pluskal
ac24f0abfe Accepting request 1044376 from home:dirkmueller:Factory
- update to 3.6.2 (bsc#1205629, CVE-2022-36227)
  * NULL pointer dereference vulnerability in archive_write.c 
  * include ZSTD in Windows builds (#1688)
  * SSL fixes on Windows (#1714, #1723, #1724)
  * rar5 reader: fix possible garbled output with bsdtar -O (#1745)
  * mtree reader: support reading mtree files with tabs (#1783)
  * various small fixes for issues found by CodeQL

OBS-URL: https://build.opensuse.org/request/show/1044376
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=114
2022-12-27 13:39:02 +00:00
Martin Pluskal
8d8d3afe6b Accepting request 760008 from home:namtrac:branches:Archiving
- Revert back to autoconf, cmake introduces a cycle. Leave cmake
  patches in since they are basically correct and might be useful
  in the future.

- Update to version 3.4.1
  New features:
  * Unicode filename support for reading lha/lzh archives
  * New pax write option "xattrhdr"
  Important bugfixes:
  * security fixes in wide string processing (#1276 #1298)
  * security fixes in RAR5 reader (#1212 #1217 #1296) CVE-2019-19221
  * security fixes and optimizations to write filter logic (#351)
  * security fix related to use of readlink(2) (1dae5a5)
  * sparse file handling fixes (#1218 #1260)
- Drop CVE-2019-19221.patch and fix-zstd-test.patch, fixed upstream

  CVE-2019-19221.patch out-of-bounds read in libarchive

OBS-URL: https://build.opensuse.org/request/show/760008
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=91
2019-12-31 08:23:29 +00:00
afb0de5939 Accepting request 709701 from home:namtrac:branches:Archiving
- Add libarchive.keyring and validate the tarball signature

OBS-URL: https://build.opensuse.org/request/show/709701
OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=86
2019-06-13 09:45:04 +00:00