Subject: CVS commit: [pkgsrc-2014Q1] pkgsrc/archivers/libarchive
From: Matthias Scheler
Date: 2014-04-24 11:34:06
Message id: 20140424093406.936AC96@cvs.netbsd.org
Log Message:
Pullup ticket #4388 - requested by he
archivers/libarchive: security patch

Revisions pulled up:
- archivers/libarchive/Makefile                                 1.40
- archivers/libarchive/files/libarchive/archive_read_support_format_iso9660.c 1.4
- archivers/libarchive/files/libarchive/archive_read_support_format_tar.c 1.4

---
   Module Name:	pkgsrc
   Committed By:	he
   Date:		Thu Apr  3 13:05:15 UTC 2014

   Modified Files:
   	pkgsrc/archivers/libarchive: Makefile
   	pkgsrc/archivers/libarchive/files/libarchive:
   	    archive_read_support_format_iso9660.c
   	    archive_read_support_format_tar.c

   Log Message:
   Apply fixes for CVE-2011-1777 and CVE-2011-1778 (add check for
   buffer overflows in handling iso9660 and tar images), despite
   Joerg telling me I should have better things to spend my time on.

   Fixes pulled from

     https://bugzilla.redhat.com/show_bug.cgi?id=705849

   Bump PKGREVISION.
Files:
RevisionActionfile
1.39.2.1modifypkgsrc/archivers/libarchive/Makefile
0modifypkgsrc/archivers/libarchive/files/libarchive [pkgsrc-2014Q1]/archive_read_support_format_iso9660.c
0modifypkgsrc/archivers/libarchive/files/libarchive [pkgsrc-2014Q1]/archive_read_support_format_tar.c