Navigation:
Browse pkgsrc
(this page) 2024-10-19 07:40:01 by Adam Ciarcinski | Files touched by this commit (362) |  |
Log message: libarchive: updated to 3.7.7 Libarchive 3.7.7 is a bugfix and security release Security fixes: gzip: prevent a hang when processing a malformed gzip inside a gzip tar: don't crash on truncated tar archives tar: fix two leaks in tar header parsing Important bugfixes: 7-zip: read/write symlink paths as UTF-8 cpio: exit with an error code if an entry could not be extracted rar5: report encrypted entries tar: fix truncation of entry pathnames in specific archives windows: fix ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS Libarchive 3.7.6 is a bugfix and security release. This release fixes a tar regression introduced in libarchive 3.7.5 Important bugfixes. tar: clean up linkpath between entries tar: fix memory leaks when processing symlinks or parsing pax headers iso: be more cautious about parsing ISO-9660 timestamps |
2024-10-19 07:28:44 by Adam Ciarcinski | Files touched by this commit (15) |  |
Log message: libarchove: import version 3.7.7 |
| 2024-09-15 09:02:22 by Adam Ciarcinski | Files touched by this commit (182) | |
Log message: libarchive: updated to 3.7.5 Libarchive 3.7.5 Security fixes: fix multiple vulnerabilities identified by SAST cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing lzop: prevent integer overflow rar4: protect copy_from_lzss_window_to_unp() rar4: fix CVE-2024-26256 rar4: fix OOB in delta and audio filter rar4: fix out of boundary access with large files rar4: add boundary checks to rgb filter rar4: fix OOB access with unicode filenames rar5: clear 'data ready' cache on window buffer reallocs rpm: calculate huge header sizes correctly unzip: unify EOF handling util: fix out of boundary access in mktemp functions uu: stop processing if lines are too long Important bugfixes: 7zip: fix issue when skipping first file in 7zip archive that is a multiple of \ 65536 bytes ar: fix archive entries having no type lha: do not allow negative file sizes lha: fix integer truncation on 32-bit systems shar: check strdup return value rar5: don't try to read rediculously long names xar: fix another infinite loop and expat error handling many Windows fixes, cleanups and improvements |
| 2024-09-15 08:46:23 by Adam Ciarcinski | Files touched by this commit (11) | |
Log message: libarchive: imported version 3.7.5 Libarchive 3.7.5 Security fixes: fix multiple vulnerabilities identified by SAST cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing lzop: prevent integer overflow rar4: protect copy_from_lzss_window_to_unp() rar4: fix CVE-2024-26256 rar4: fix OOB in delta and audio filter rar4: fix out of boundary access with large files rar4: add boundary checks to rgb filter rar4: fix OOB access with unicode filenames rar5: clear 'data ready' cache on window buffer reallocs rpm: calculate huge header sizes correctly unzip: unify EOF handling util: fix out of boundary access in mktemp functions uu: stop processing if lines are too long Important bugfixes: 7zip: fix issue when skipping first file in 7zip archive that is a multiple of \ 65536 bytes ar: fix archive entries having no type lha: do not allow negative file sizes lha: fix integer truncation on 32-bit systems shar: check strdup return value rar5: don't try to read rediculously long names xar: fix another infinite loop and expat error handling many Windows fixes, cleanups and improvements |
| 2024-05-03 19:14:58 by Jonathan Perkin | Files touched by this commit (1) |
Log message: bsdtar: Include limits.h for INT_MAX. |
| 2024-04-30 07:51:38 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: Libarchive 3.7.4 is a bugfix and security release Security fixes: rar: Fix OOB in rar e8 filter (CVE-2024-26256) zip: Fix out of boundary access Important bugfixes: 7zip: Limit amount of properties bsdtar: Fix error handling around strtol() usages passphrase: Improve newline handling on Windows passphrase: Never allow empty passwords rar: Fix "File CRC Error" when extracting specific rar4 archives xar: Avoid infinite link loop zip: Update AppleDouble support for directories zstd: Implement core detection |
| 2024-04-15 15:37:24 by David H. Gutteridge | Files touched by this commit (1) |
Log message: libarchive: fix builds where __RCSID isn't defined by the OS The 3.7.3 release removed all __FBSDID and __RCSID strings and support for them. Evidently there was a merge botch with archive_pack_dev.c where __RCSID was retained there in our copy, which breaks builds on most OSes. Addresses PR pkg/58152 from Hiroshi Hakoyama. |
| 2024-04-12 17:39:58 by Adam Ciarcinski | Files touched by this commit (682) | |
Log message: libarchive: updated to 3.7.3 Libarchive 3.7.3 is a feature, security and bugfix release. New features: PCRE2 support add trailing letter b to bsdtar(1) substitute pattern add support for long options "--group" and "--owner" to tar(1) Security fixes: Fix possible vulnerability in tar error reporting introduced in f27c173 Important bugfixes: ISO9660: preserve the natural order of links rar5: fix decoding unicode filenames on Windows rar5: fix infinite loop if during rar5 decompression the last block produced no data xz filter: fix incorrect eof at the end of an lzip member zip: fix end-of-data marker processing when decompressing zip archives multiple bsdunzip(1) fixes filetime truncation fix on Windows |
| 2024-04-12 17:28:59 by Adam Ciarcinski | Files touched by this commit (10) | |
Log message: libarchive: import version 3.7.3 |
| 2024-03-31 15:35:09 by Jonathan Schleifer | Files touched by this commit (1) |
Log message: archivers/libarchive: Revert fix for QNX bsdzip isn't being built anymore. |
New packages: