Overview
Request 1111737 accepted
- update to 3.7.2:
* Multiple vulnerabilities have been fixed in the PAX writer
* bsdunzip(1) now correctly handles arguments following an
-x after the zipfile
* zstd filter now supports the "long" write option
* SEGV and stack buffer overflow in verbose mode of cpio
* bsdunzip updated to match latest upstream code
* miscellaneous functional bugfixes
* NULL pointer dereference vulnerability in archive_write.c
* fix heap user after free in run_filters() (OSS-Fuzz 46279, #1715)
* ZIP reader: Support of deflate algorithm in symbolic link decompression
- Switch to cmake build
- libarchive-xattr.patch, fix subtle wrong library check
- libarchive-openssl.patch: Call OPENSSL_config where needed,
otherwise on systems configured to use openSSL engines such
This is a maintenance update to fix issues with the new RAR
- Enforce usage of reentrant versions of libc functions
- fix failed tests on ppc
- Use %makeinstall to be SLES compatible
- For SLES11 work around missing rpm macro
- Add suport for xz and xar archives
- Add libarchive-2.8.4-iso9660-data-types.patch:
- fix dependency of devel package
- remove minitar objects (leave binary there for now)
- Created by dirkmueller
- In state accepted
- Package maintainer: adrianSuSE
Request History
dirkmueller created request
- update to 3.7.2:
* Multiple vulnerabilities have been fixed in the PAX writer
* bsdunzip(1) now correctly handles arguments following an
-x after the zipfile
* zstd filter now supports the "long" write option
* SEGV and stack buffer overflow in verbose mode of cpio
* bsdunzip updated to match latest upstream code
* miscellaneous functional bugfixes
* NULL pointer dereference vulnerability in archive_write.c
* fix heap user after free in run_filters() (OSS-Fuzz 46279, #1715)
* ZIP reader: Support of deflate algorithm in symbolic link decompression
- Switch to cmake build
- libarchive-xattr.patch, fix subtle wrong library check
- libarchive-openssl.patch: Call OPENSSL_config where needed,
otherwise on systems configured to use openSSL engines such
This is a maintenance update to fix issues with the new RAR
- Enforce usage of reentrant versions of libc functions
- fix failed tests on ppc
- Use %makeinstall to be SLES compatible
- For SLES11 work around missing rpm macro
- Add suport for xz and xar archives
- Add libarchive-2.8.4-iso9660-data-types.patch:
- fix dependency of devel package
- remove minitar objects (leave binary there for now)
pluskalm accepted request
@adrianSuSE: review reminder