./archivers/libarchive, Library to read/create different archive formats

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 3.7.7, Package name: libarchive-3.7.7, Maintainer: pkgsrc-users

Libarchive is a programming library that can create and read several
different streaming archive formats, including most popular tar variants
and several cpio formats. It can also write shar archives and read
ISO9660 CDROM images.


Required to run:
[security/openssl]

Required to build:
[pkgtools/cwrappers]

Master sites:

Version history: (Expand)

CVS history: (Expand)


   2024-10-19 07:40:01 by Adam Ciarcinski | Files touched by this commit (362) | Package updated
Log message:
libarchive: updated to 3.7.7

Libarchive 3.7.7 is a bugfix and security release

Security fixes:

gzip: prevent a hang when processing a malformed gzip inside a gzip
tar: don't crash on truncated tar archives
tar: fix two leaks in tar header parsing

Important bugfixes:

7-zip: read/write symlink paths as UTF-8
cpio: exit with an error code if an entry could not be extracted
rar5: report encrypted entries
tar: fix truncation of entry pathnames in specific archives
windows: fix ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS

Libarchive 3.7.6 is a bugfix and security release.
This release fixes a tar regression introduced in libarchive 3.7.5

Important bugfixes.

tar: clean up linkpath between entries
tar: fix memory leaks when processing symlinks or parsing pax headers
iso: be more cautious about parsing ISO-9660 timestamps
   2024-10-19 07:28:44 by Adam Ciarcinski | Files touched by this commit (15) | Imported package
Log message:
libarchove: import version 3.7.7
   2024-09-15 09:02:22 by Adam Ciarcinski | Files touched by this commit (182) | Package updated
Log message:
libarchive: updated to 3.7.5

Libarchive 3.7.5

Security fixes:

fix multiple vulnerabilities identified by SAST
cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing
lzop: prevent integer overflow
rar4: protect copy_from_lzss_window_to_unp()
rar4: fix CVE-2024-26256
rar4: fix OOB in delta and audio filter
rar4: fix out of boundary access with large files
rar4: add boundary checks to rgb filter
rar4: fix OOB access with unicode filenames
rar5: clear 'data ready' cache on window buffer reallocs
rpm: calculate huge header sizes correctly
unzip: unify EOF handling
util: fix out of boundary access in mktemp functions
uu: stop processing if lines are too long

Important bugfixes:

7zip: fix issue when skipping first file in 7zip archive that is a multiple of \ 
65536 bytes
ar: fix archive entries having no type
lha: do not allow negative file sizes
lha: fix integer truncation on 32-bit systems
shar: check strdup return value
rar5: don't try to read rediculously long names
xar: fix another infinite loop and expat error handling
many Windows fixes, cleanups and improvements
   2024-09-15 08:46:23 by Adam Ciarcinski | Files touched by this commit (11) | Imported package
Log message:
libarchive: imported version 3.7.5

Libarchive 3.7.5

Security fixes:

fix multiple vulnerabilities identified by SAST
cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing
lzop: prevent integer overflow
rar4: protect copy_from_lzss_window_to_unp()
rar4: fix CVE-2024-26256
rar4: fix OOB in delta and audio filter
rar4: fix out of boundary access with large files
rar4: add boundary checks to rgb filter
rar4: fix OOB access with unicode filenames
rar5: clear 'data ready' cache on window buffer reallocs
rpm: calculate huge header sizes correctly
unzip: unify EOF handling
util: fix out of boundary access in mktemp functions
uu: stop processing if lines are too long

Important bugfixes:

7zip: fix issue when skipping first file in 7zip archive that is a multiple of \ 
65536 bytes
ar: fix archive entries having no type
lha: do not allow negative file sizes
lha: fix integer truncation on 32-bit systems
shar: check strdup return value
rar5: don't try to read rediculously long names
xar: fix another infinite loop and expat error handling
many Windows fixes, cleanups and improvements
   2024-05-03 19:14:58 by Jonathan Perkin | Files touched by this commit (1) 
Log message:
bsdtar: Include limits.h for INT_MAX.
   2024-04-30 07:51:38 by Adam Ciarcinski | Files touched by this commit (2) | Imported package
Log message:
Libarchive 3.7.4 is a bugfix and security release

Security fixes:

rar: Fix OOB in rar e8 filter (CVE-2024-26256)
zip: Fix out of boundary access

Important bugfixes:

7zip: Limit amount of properties
bsdtar: Fix error handling around strtol() usages
passphrase: Improve newline handling on Windows
passphrase: Never allow empty passwords
rar: Fix "File CRC Error" when extracting specific rar4 archives
xar: Avoid infinite link loop
zip: Update AppleDouble support for directories
zstd: Implement core detection
   2024-04-15 15:37:24 by David H. Gutteridge | Files touched by this commit (1) 
Log message:
libarchive: fix builds where __RCSID isn't defined by the OS

The 3.7.3 release removed all __FBSDID and __RCSID strings and support
for them. Evidently there was a merge botch with archive_pack_dev.c
where __RCSID was retained there in our copy, which breaks builds on
most OSes. Addresses PR pkg/58152 from Hiroshi Hakoyama.
   2024-04-12 17:39:58 by Adam Ciarcinski | Files touched by this commit (682) | Package updated
Log message:
libarchive: updated to 3.7.3

Libarchive 3.7.3 is a feature, security and bugfix release.

New features:

PCRE2 support
add trailing letter b to bsdtar(1) substitute pattern
add support for long options "--group" and "--owner" to tar(1)

Security fixes:

Fix possible vulnerability in tar error reporting introduced in f27c173

Important bugfixes:

ISO9660: preserve the natural order of links
rar5: fix decoding unicode filenames on Windows
rar5: fix infinite loop if during rar5 decompression the last block produced no data
xz filter: fix incorrect eof at the end of an lzip member
zip: fix end-of-data marker processing when decompressing zip archives
multiple bsdunzip(1) fixes
filetime truncation fix on Windows