| #
c0434ef0 |
| 17-Oct-2024 |
christos <christos@NetBSD.org> |
Import libarchive-3.7.7 (previous was 3.7.4)
* Libarchive 3.7.7 is a bugfix and security release
Security fixes:
gzip: prevent a hang when processing a malformed gzip inside a gzip
(#2366, OS
Import libarchive-3.7.7 (previous was 3.7.4)
* Libarchive 3.7.7 is a bugfix and security release
Security fixes:
gzip: prevent a hang when processing a malformed gzip inside a gzip
(#2366, OSS-Fuzz)
tar: don't crash on truncated tar archives (#2364, OSS-Fuzz)
tar: fix two leaks in tar header parsing (#2377)
Important bugfixes:
7-zip: read/write symlink paths as UTF-8 (#2252)
cpio: exit with an error code if an entry could not be extracted (#2371)
rar5: report encrypted entries (#2096)
tar: fix truncation of entry pathnames in specific archives (#2360)
windows: fix ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS (#2363)
* Libarchive 3.7.6 is a bugfix and security release.
This release fixes a tar regression introduced in libarchive 3.7.5
(#2331, #2337)
Important bugfixes.
tar: clean up linkpath between entries (#2343)
tar: fix memory leaks when processing symlinks or parsing pax headers
(#2338)
iso: be more cautious about parsing ISO-9660 timestamps (#2330)
* Libarchive 3.7.5 is a bugfix and security release
Security fixes:
fix multiple vulnerabilities identified by SAST (#2251, #2256)
cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing (#2258)
lzop: prevent integer overflow (#2174)
rar4: protect copy_from_lzss_window_to_unp() (#2172, CVE-2024-20696)
rar4: fix CVE-2024-26256 (#2269, CVS-2024-26256)
rar4: fix OOB in delta and audio filter (#2148, #2149)
rar4: fix out of boundary access with large files (#2179)
rar4: add boundary checks to rgb filter (#2210)
rar4: fix OOB access with unicode filenames (#2203)
rar5: clear 'data ready' cache on window buffer reallocs (#2265)
rpm: calculate huge header sizes correctly (#2158)
unzip: unify EOF handling (#2175)
util: fix out of boundary access in mktemp functions (#2160)
uu: stop processing if lines are too long (#2168)
Important bugfixes:
7zip: fix issue when skipping first file in 7zip archive that is a
multiple of 65536 bytes (#2245)
ar: fix archive entries having no type (#2290)
lha: do not allow negative file sizes (#2155)
lha: fix integer truncation on 32-bit systems (#2161)
shar: check strdup return value (#2173)
rar5: don't try to read rediculously long names (#2259)
xar: fix another infinite loop and expat error handling (#2150)
many Windows fixes, cleanups and improvements
show more ...
|
| #
65e637ab |
| 09-Jun-2024 |
christos <christos@NetBSD.org> |
Import libarchive-3.7.4 previous was 3.4.0
Changes:
Apr 26, 2024: libarchive 3.7.4 released
Apr 08, 2024: libarchive 3.7.3 released
Sep 12, 2023: libarchive 3.7.2 released
Jul 29, 2023: libarchiv
Import libarchive-3.7.4 previous was 3.4.0
Changes:
Apr 26, 2024: libarchive 3.7.4 released
Apr 08, 2024: libarchive 3.7.3 released
Sep 12, 2023: libarchive 3.7.2 released
Jul 29, 2023: libarchive 3.7.1 released
Jul 18, 2023: libarchive 3.7.0 released
Jul 14, 2023: bsdunzip port from FreeBSD
Dec 07, 2022: libarchive 3.6.2 released
Apr 08, 2022: libarchive 3.6.1 released
Feb 09, 2022: libarchive 3.6.0 released
Feb 08, 2022: libarchive 3.5.3 released
Aug 22, 2021: libarchive 3.5.2 released
Dec 26, 2020: libarchive 3.5.1 released
Dec 01, 2020: libarchive 3.5.0 released
Oct 14, 2020: Support for system extended attributes
May 20, 2020: libarchive 3.4.3 released
Apr 30, 2020: Support for pzstd compressed files
Apr 16, 2020: Support for RHT.security.selinux tar extended attribute
Feb 11, 2020: libarchive 3.4.2 released
Jan 23, 2020: Important fixes for writing XAR archives
Jan 20, 2020: New tar option: --safe-writes (atomical file extraction)
Jan 03, 2020: Support mbed TLS (PolarSSL) as optional crypto provider
Dec 30, 2019: libarchive 3.4.1 released
Dec 11, 2019: New pax write option "xattrhdr"
Nov 17, 2019: Unicode filename support for reading lha/lzh archives
show more ...
|