#
b9128a37 |
| 16-Apr-2024 |
Martin Matuska <mm@FreeBSD.org> |
libarchive: merge from vendor branch
Libarchive 3.7.3
New features: #1941 uudecode filter: support file name and file mode in raw mode #1943 7-zip reader: translate Windows permissions into UNI
libarchive: merge from vendor branch
Libarchive 3.7.3
New features: #1941 uudecode filter: support file name and file mode in raw mode #1943 7-zip reader: translate Windows permissions into UNIX permissions #1962 zstd filter now supports the "long" write option #2012 add trailing letter b to bsdtar(1) substitute pattern #2031 PCRE2 support #2054 add support for long options "--group" and "--owner" to tar(1)
Security fixes: #2101 Fix possible vulnerability in tar error reporting introduced in f27c173
Important bugfixes: #1974 ISO9660: preserve the natural order of links #2105 rar5: fix infinite loop if during rar5 decompression the last block produced no data #2027 xz filter: fix incorrect eof at the end of an lzip member #2043 zip: fix end-of-data marker processing when decompressing zip archives
PR: 278315 (exp-run) MFC after: 1 week
show more ...
|
#
24113d8c |
| 14-Sep-2016 |
Martin Matuska <mm@FreeBSD.org> |
MFV r305816: Sync libarchive with vendor including important security fixes.
Issues fixed (FreeBSD): PR #778: ACL error handling Issue #745: Symlink check prefix optimization is too aggressive Issue
MFV r305816: Sync libarchive with vendor including important security fixes.
Issues fixed (FreeBSD): PR #778: ACL error handling Issue #745: Symlink check prefix optimization is too aggressive Issue #746: Hard links with data can evade sandboxing restrictions
This update fixes the vulnerability #3 and vulnerability #4 as reported in "non-cryptanalytic attacks against FreeBSD update components". https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f
Fix for vulnerability #2 has already been merged in r304989.
MFC after: 1 week Security: http://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f
show more ...
|
#
cfa49a9b |
| 14-Aug-2016 |
Martin Matuska <mm@FreeBSD.org> |
MFV r304060: Sync libarchive with vendor including three security fixes
Vendor issues fixed:
Issue #744: Very long pathnames evade symlink checks Issue #748: libarchive can compress, but cannot dec
MFV r304060: Sync libarchive with vendor including three security fixes
Vendor issues fixed:
Issue #744: Very long pathnames evade symlink checks Issue #748: libarchive can compress, but cannot decompress zip some files PR #750: ustar: fix out of bounds read on empty string ("") filename PR #755: fix use of acl_get_flagset_np() on FreeBSD
MFC after: 3 days
show more ...
|