From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <development+bounces-221-archive=lists.ipfire.org@lists.ipfire.org>
Received: from mail02.haj.ipfire.org (localhost [127.0.0.1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4ZXKDc67Lpz32KR
	for <archive@lists.ipfire.org>; Tue,  8 Apr 2025 21:37:36 +0000 (UTC)
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK))
	by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4ZXKDY2D7Fz2xbb
	for <development@lists.ipfire.org>; Tue,  8 Apr 2025 21:37:33 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by mail01.ipfire.org (Postfix) with ESMTPSA id 4ZXKDX0VjFzwN;
	Tue,  8 Apr 2025 21:37:32 +0000 (UTC)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org;
	s=202003ed25519; t=1744148252;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding;
	bh=3veYeP5ROOH60C32+kw8mlj0MSmdFIQv/1o6udR1d4M=;
	b=Vy/tdIccUW4qo88n3LxdCXi9SiZ8QVrj3LuFkrsx6WitFTD10fkaI1aIDpq7nWAQxYcrjA
	7FIdNjlbbr9rpfDg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa;
	t=1744148252;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding;
	bh=3veYeP5ROOH60C32+kw8mlj0MSmdFIQv/1o6udR1d4M=;
	b=KRKSEJBO78tu3YV7crQ4qjQuX4smMJ9XZ6AeXlzZHjma2yNk/yK9MQ3gNbbCOaW9yQ5010
	BS6Fw/OOc91PMx2TjonWZ2aZ4qDVEZRJgLGzbu6PDI1S5PA7UcNQSq0MKytptWeuzQ/UFp
	LAvUQaYJ1xj+cJYS7NqxDJ7TNuC6DK1UzuNaEbLxxx323RE9BRzj54C1h2GBV6k06cst6Z
	f2RF8RBnrXpjwVnCZ8QTk1fqb1dw7IprGbU8u1SCLy/s1IXl5jdSHzH2a7yng2ZNgWvJIx
	mtSswICoPheWvDMUeJ9eeQI4QR50bRpqqZl4waiTiWoYKgs1eqDALOBThL15wg==
From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Cc: Adolf Belka <adolf.belka@ipfire.org>
Subject: [PATCH] xz: Update to version 5.8.1
Date: Tue,  8 Apr 2025 23:37:27 +0200
Message-ID: <20250408213727.3271294-1-adolf.belka@ipfire.org>
Precedence: list
List-Id: <development.lists.ipfire.org>
List-Subscribe: <https://lists.ipfire.org/>,
 <mailto:development+subscribe@lists.ipfire.org?subject=subscribe>
List-Unsubscribe: <https://lists.ipfire.org/>,
 <mailto:development+unsubscribe@lists.ipfire.org?subject=unsubscribe>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development+help@lists.ipfire.org?subject=help>
Sender: <development@lists.ipfire.org>
Mail-Followup-To: <development@lists.ipfire.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

- Update from version 5.8.0 to 5.8.1
- Update of rootfile
- Changelog
    5.8.1
	    IMPORTANT: This includes a security fix for CVE-2025-31115 which
	    affects XZ Utils from 5.3.3alpha to 5.8.0. No new 5.4.x or 5.6.x
	    releases will be made, but the fix is in the v5.4 and v5.6 branches
	    in the xz Git repository. A standalone patch for all affected
	    versions is available as well.
	    * Multithreaded .xz decoder (lzma_stream_decoder_mt()):
	        - Fix a bug that could at least result in a crash with
	          invalid input. (CVE-2025-31115)
	        - Fix a performance bug: Only one thread was used if the whole
	          input file was provided at once to lzma_code(), the output
	          buffer was big enough, timeout was disabled, and LZMA_FINISH
	          was used. There are no bug reports about this, thus it's
	          possible that no real-world application was affected.
	    * Avoid <stdalign.h> even with C11/C17 compilers. This fixes the
	      build with Oracle Developer Studio 12.6 on Solaris 10 when the
	      compiler is in C11 mode (the header doesn't exist).
	    * Autotools: Restore compatibility with GNU make versions older
	      than 4.0 by creating the package using GNU gettext 0.23.1
	      infrastructure instead of 0.24.
	    * Update Croatian translation.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
 config/rootfiles/common/xz | 2 +-
 lfs/xz                     | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/config/rootfiles/common/xz b/config/rootfiles/common/xz
index 3873744c8..f836d4578 100644
--- a/config/rootfiles/common/xz
+++ b/config/rootfiles/common/xz
@@ -41,7 +41,7 @@ usr/bin/xzmore
 #usr/lib/liblzma.la
 #usr/lib/liblzma.so
 usr/lib/liblzma.so.5
-usr/lib/liblzma.so.5.8.0
+usr/lib/liblzma.so.5.8.1
 #usr/lib/pkgconfig/liblzma.pc
 #usr/share/doc/xz
 #usr/share/doc/xz/AUTHORS
diff --git a/lfs/xz b/lfs/xz
index 511848c1d..1ee1faa52 100644
--- a/lfs/xz
+++ b/lfs/xz
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 5.8.0
+VER        = 5.8.1
 
 THISAPP    = xz-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -45,7 +45,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 5087c88884a857b96bc5658548fc9b07ab2f14fe9eabfaeaa19e21810e7588c97621db08353632bd56e66ae2085ec5adc421c4d6849525b630d56dadd65c9f81
+$(DL_FILE)_BLAKE2 = f11be3971e181bb49b6a92d3cc07ebb1c6b5fb53bc5d079e0952eed94f069656cffb37a2e2e8f068a5f119c6ef5ee565b3ac9978a5afa24a40d49607d492d176
 
 install : $(TARGET)
 
-- 
2.49.0