[PATCH] libarchive: Update to version 3.7.4

8 Aug 2024

- Update from version 3.7.0 to 3.7.4
- Update of rootfile
- CVE fix in 3.7.4
- Changelog
    3.7.4
    Security fixes:
        rar: Fix OOB in rar e8 filter (#2135) (CVE-2024-26256)
        zip: Fix out of boundary access (#2145)
    Important bugfixes:
        7zip: Limit amount of properties (#2131)
        bsdtar: Fix error handling around strtol() usages (#2110)
        passphrase: Improve newline handling on Windows (#2115)
        passphrase: Never allow empty passwords (#2116)
        rar: Fix "File CRC Error" when extracting specific rar4 archives (#2124)
        xar: Avoid infinite link loop (#2123)
        zip: Update AppleDouble support for directories (#2108)
        zstd: Implement core detection (#2083, #2071)
    3.7.3
    New features:
        PCRE2 support (#2031)
        add trailing letter b to bsdtar(1) substitute pattern (#2012)
        add support for long options "--group" and "--owner" to tar(1) (#2054)
    Security fixes:
        Fix possible vulnerability in tar error reporting introduced in f27c173 (#2101)
    Important bugfixes:
        ISO9660: preserve the natural order of links (#1974)
        rar5: fix decoding unicode filenames on Windows (#1978)
        rar5: fix infinite loop if during rar5 decompression the last block produced
         no data (#2105)
        xz filter: fix incorrect eof at the end of an lzip member (#2027)
        zip: fix end-of-data marker processing when decompressing zip archives (#2042)
        multiple bsdunzip(1) fixes (#2022, #2030)
        filetime truncation fix on Windows (#2050)
    3.7.2
    Security fixes:
        Multiple vulnerabilities have been fixed in the PAX writer (1b4e0d0)
    Important bugfixes:
        bsdunzip(1) now correctly handles arguments following an -x after the zipfile
    New features:
        bsdunzip(1) now supports the "--version" flag
        7-zip reader now translates Windows permissions into UNIX permissions (#1943)
        uudecode filter in raw mode now supports file name and file mode
        zstd filter now supports the "long" write option (#1962)
    3.7.1
    Security fixes:
        SEGV and stack buffer overflow in verbose mode of cpio (#1934, #1935)
    Feature updates:
        bsdunzip updated to match latest upstream code (#1926)
    Important bugfixes:
        miscellaneous functional bugfixes (#1731, #1929, #1930)
        build fixes on multiple platforms (Android #1921, older MacOS X #1919, #1933
         and others)
Signed-off-by: Adolf Belka adolf.belka@ipfire.org
---
 config/rootfiles/common/libarchive |  2 +-
 lfs/libarchive                     | 10 ++++++----
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/config/rootfiles/common/libarchive b/config/rootfiles/common/libarchive
index 81089e9e2..2f38c29a7 100644
--- a/config/rootfiles/common/libarchive
+++ b/config/rootfiles/common/libarchive
@@ -7,7 +7,7 @@
 #usr/lib/libarchive.la
 #usr/lib/libarchive.so
 usr/lib/libarchive.so.13
-usr/lib/libarchive.so.13.7.0
+usr/lib/libarchive.so.13.7.4
 #usr/lib/pkgconfig/libarchive.pc
 #usr/share/man/man1/bsdcat.1
 #usr/share/man/man1/bsdcpio.1
diff --git a/lfs/libarchive b/lfs/libarchive
index 91041023b..668f2a87e 100644
--- a/lfs/libarchive
+++ b/lfs/libarchive
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2023  IPFire Team  info@ipfire.org                     #
+# Copyright (C) 2007-2024  IPFire Team  info@ipfire.org                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,7 +24,7 @@
include Config
-VER        = 3.7.0
+VER        = 3.7.4
THISAPP    = libarchive-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -41,7 +41,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 8fb72a0504038c71584c0416c1d747b7f5c82266518704353e7fdf794bd9f9e2dc22b8fa2538fa8d12a3b9776581077040371d25647fe72c02a4ec5f3bb8d950
+$(DL_FILE)_BLAKE2 = 128f72235da61e112201046c0cfe62a8c580cf73b426c4cfe270ae913356f6ad430ba33a663dcd617b082c7baf45ada8d1c9928c45fea16fd57e8020693a60bc
install : $(TARGET)
@@ -74,7 +74,9 @@ $(subst %,%_BLAKE2,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
    @$(PREBUILD)
    @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
-	cd $(DIR_APP) && ./configure --prefix=/usr --disable-static
+	cd $(DIR_APP) && ./configure \
+				--prefix=/usr \
+				--disable-static
    cd $(DIR_APP) && make $(MAKETUNING)
    cd $(DIR_APP) && make install
    @rm -rf $(DIR_APP)
-- 
2.45.2


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

[PATCH] libarchive: Update to version 3.7.4