From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] libarchive: Update to version 3.7.4
Date: Thu, 08 Aug 2024 21:32:16 +0200 [thread overview]
Message-ID: <20240808193217.3774124-1-adolf.belka@ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 4870 bytes --]
- Update from version 3.7.0 to 3.7.4
- Update of rootfile
- CVE fix in 3.7.4
- Changelog
3.7.4
Security fixes:
rar: Fix OOB in rar e8 filter (#2135) (CVE-2024-26256)
zip: Fix out of boundary access (#2145)
Important bugfixes:
7zip: Limit amount of properties (#2131)
bsdtar: Fix error handling around strtol() usages (#2110)
passphrase: Improve newline handling on Windows (#2115)
passphrase: Never allow empty passwords (#2116)
rar: Fix "File CRC Error" when extracting specific rar4 archives (#2124)
xar: Avoid infinite link loop (#2123)
zip: Update AppleDouble support for directories (#2108)
zstd: Implement core detection (#2083, #2071)
3.7.3
New features:
PCRE2 support (#2031)
add trailing letter b to bsdtar(1) substitute pattern (#2012)
add support for long options "--group" and "--owner" to tar(1) (#2054)
Security fixes:
Fix possible vulnerability in tar error reporting introduced in f27c173 (#2101)
Important bugfixes:
ISO9660: preserve the natural order of links (#1974)
rar5: fix decoding unicode filenames on Windows (#1978)
rar5: fix infinite loop if during rar5 decompression the last block produced
no data (#2105)
xz filter: fix incorrect eof at the end of an lzip member (#2027)
zip: fix end-of-data marker processing when decompressing zip archives (#2042)
multiple bsdunzip(1) fixes (#2022, #2030)
filetime truncation fix on Windows (#2050)
3.7.2
Security fixes:
Multiple vulnerabilities have been fixed in the PAX writer (1b4e0d0)
Important bugfixes:
bsdunzip(1) now correctly handles arguments following an -x after the zipfile
New features:
bsdunzip(1) now supports the "--version" flag
7-zip reader now translates Windows permissions into UNIX permissions (#1943)
uudecode filter in raw mode now supports file name and file mode
zstd filter now supports the "long" write option (#1962)
3.7.1
Security fixes:
SEGV and stack buffer overflow in verbose mode of cpio (#1934, #1935)
Feature updates:
bsdunzip updated to match latest upstream code (#1926)
Important bugfixes:
miscellaneous functional bugfixes (#1731, #1929, #1930)
build fixes on multiple platforms (Android #1921, older MacOS X #1919, #1933
and others)
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
config/rootfiles/common/libarchive | 2 +-
lfs/libarchive | 10 ++++++----
2 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/config/rootfiles/common/libarchive b/config/rootfiles/common/libarchive
index 81089e9e2..2f38c29a7 100644
--- a/config/rootfiles/common/libarchive
+++ b/config/rootfiles/common/libarchive
@@ -7,7 +7,7 @@
#usr/lib/libarchive.la
#usr/lib/libarchive.so
usr/lib/libarchive.so.13
-usr/lib/libarchive.so.13.7.0
+usr/lib/libarchive.so.13.7.4
#usr/lib/pkgconfig/libarchive.pc
#usr/share/man/man1/bsdcat.1
#usr/share/man/man1/bsdcpio.1
diff --git a/lfs/libarchive b/lfs/libarchive
index 91041023b..668f2a87e 100644
--- a/lfs/libarchive
+++ b/lfs/libarchive
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2023 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 3.7.0
+VER = 3.7.4
THISAPP = libarchive-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -41,7 +41,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 8fb72a0504038c71584c0416c1d747b7f5c82266518704353e7fdf794bd9f9e2dc22b8fa2538fa8d12a3b9776581077040371d25647fe72c02a4ec5f3bb8d950
+$(DL_FILE)_BLAKE2 = 128f72235da61e112201046c0cfe62a8c580cf73b426c4cfe270ae913356f6ad430ba33a663dcd617b082c7baf45ada8d1c9928c45fea16fd57e8020693a60bc
install : $(TARGET)
@@ -74,7 +74,9 @@ $(subst %,%_BLAKE2,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && ./configure --prefix=/usr --disable-static
+ cd $(DIR_APP) && ./configure \
+ --prefix=/usr \
+ --disable-static
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
@rm -rf $(DIR_APP)
--
2.45.2
next reply other threads:[~2024-08-08 19:32 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-08 19:32 Adolf Belka [this message]
2024-08-08 19:32 ` [PATCH] libassuan: Update to version 3.0.1 Adolf Belka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240808193217.3774124-1-adolf.belka@ipfire.org \
--to=adolf.belka@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox