#
bd66c1b4 |
| 20-Oct-2024 |
Martin Matuska <mm@FreeBSD.org> |
libarchive: merge from vendor branch
Libarchive 3.7.7
Security fixes: #2158 rpm: calculate huge header sizes correctly #2160 util: fix out of boundary access in mktemp functions #2168 uu: stop p
libarchive: merge from vendor branch
Libarchive 3.7.7
Security fixes: #2158 rpm: calculate huge header sizes correctly #2160 util: fix out of boundary access in mktemp functions #2168 uu: stop processing if lines are too long #2174 lzop: prevent integer overflow #2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696) #2175 unzip: unify EOF handling #2179 rar4: fix out of boundary access with large files #2203 rar4: fix OOB access with unicode filenames #2210 rar4: add boundary checks to rgb filter #2248 rar4: fix OOB in delta filter #2249 rar4: fix OOB in audio filter #2256 fix multiple vulnerabilities identified by SAST #2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing #2265 rar5: clear 'data ready' cache on window buffer reallocs #2269 rar4: fix CVE-2024-26256 (CVE-2024-26256) #2330 iso: be more cautious about parsing ISO-9660 timestamps #2343 tar: clean up linkpath between entries #2364 tar: don't crash on truncated tar archives #2366 gzip: prevent a hang when processing a malformed gzip inside a gzip #2377 tar: fix two leaks in tar header parsing
Important bugfixes: #2096 rar5: report encrypted entries #2150 xar: fix another infinite loop and expat error handling #2173 shar: check strdup return value #2161 lha: fix integer truncation on 32-bit systems #2338 tar: fix memory leaks when processing symlinks or parsing pax headers #2245 7zip: fix issue when skipping first file in 7zip archive that is a multiple of 65536 bytes #2252 7-zip: read/write symlink paths as UTF-8 #2259 rar5: don't try to read rediculously long names #2290 ar: fix archive entries having no type #2360 tar: fix truncation of entry pathnames in specific archives
CVE: CVE-2024-20696, CVE-2024-26256 PR: 282047 (exp-run) MFC after: 1 week
show more ...
|
Revision tags: release/13.4.0, release/14.1.0 |
|
#
b9128a37 |
| 16-Apr-2024 |
Martin Matuska <mm@FreeBSD.org> |
libarchive: merge from vendor branch
Libarchive 3.7.3
New features: #1941 uudecode filter: support file name and file mode in raw mode #1943 7-zip reader: translate Windows permissions into UNI
libarchive: merge from vendor branch
Libarchive 3.7.3
New features: #1941 uudecode filter: support file name and file mode in raw mode #1943 7-zip reader: translate Windows permissions into UNIX permissions #1962 zstd filter now supports the "long" write option #2012 add trailing letter b to bsdtar(1) substitute pattern #2031 PCRE2 support #2054 add support for long options "--group" and "--owner" to tar(1)
Security fixes: #2101 Fix possible vulnerability in tar error reporting introduced in f27c173
Important bugfixes: #1974 ISO9660: preserve the natural order of links #2105 rar5: fix infinite loop if during rar5 decompression the last block produced no data #2027 xz filter: fix incorrect eof at the end of an lzip member #2043 zip: fix end-of-data marker processing when decompressing zip archives
PR: 278315 (exp-run) MFC after: 1 week
show more ...
|
Revision tags: release/13.3.0, release/14.0.0, release/13.2.0, release/12.4.0, release/13.1.0, release/12.3.0, release/13.0.0, release/12.2.0, release/11.4.0, release/12.1.0, release/11.3.0, release/12.0.0, release/11.2.0, release/10.4.0, release/11.1.0 |
|
#
be27b311 |
| 04-May-2017 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r317503 through r317807.
|
#
a8fc61d5 |
| 04-May-2017 |
Martin Matuska <mm@FreeBSD.org> |
MFV r317781: Sync libarchive with vendor
Vendor changes (FreeBSD-related): PR 897: add test for ZIP archives with invalid EOCD headers PR 901: fix invalid renaming of sparse files OSS-Fuzz iss
MFV r317781: Sync libarchive with vendor
Vendor changes (FreeBSD-related): PR 897: add test for ZIP archives with invalid EOCD headers PR 901: fix invalid renaming of sparse files OSS-Fuzz issue 497: remove fallback tree in LZX decoder OSS-Fuzz issue 527: rewrite expressions in lz4 filter OSS-Fuzz issue 577: fix integer overflow in cpio reader OSS-Fuzz issue 862: fix numerc parsing in mtree reader OSS-Fuzz issue 1097: fix undefined shift in rar reader cpio: various optimizations and memory leak fixes
MFC after: 1 week
show more ...
|
Revision tags: release/11.0.1, release/11.0.0, release/10.3.0, release/10.2.0, release/10.1.0, release/9.3.0, release/10.0.0, release/9.2.0, release/8.4.0, release/9.1.0, release/8.3.0_cvs, release/8.3.0 |
|
#
8fa0b743 |
| 23-Jan-2012 |
Xin LI <delphij@FreeBSD.org> |
IFC @230489 (pending review).
|
#
80dbff4e |
| 04-Jan-2012 |
Sean Bruno <sbruno@FreeBSD.org> |
IFC to head to catch up the bhyve branch
Approved by: grehan@
|
Revision tags: release/9.0.0 |
|
#
caf54c4f |
| 21-Dec-2011 |
Martin Matuska <mm@FreeBSD.org> |
Copy libarchive from vendor branch to contrib
MFC after: 2 weeks
|