#
b9128a37 |
|
16-Apr-2024 |
Martin Matuska <mm@FreeBSD.org> |
libarchive: merge from vendor branch Libarchive 3.7.3 New features: #1941 uudecode filter: support file name and file mode in raw mode #1943 7-zip reader: translate Windows permissions into UNIX permissions #1962 zstd filter now supports the "long" write option #2012 add trailing letter b to bsdtar(1) substitute pattern #2031 PCRE2 support #2054 add support for long options "--group" and "--owner" to tar(1) Security fixes: #2101 Fix possible vulnerability in tar error reporting introduced in f27c173 Important bugfixes: #1974 ISO9660: preserve the natural order of links #2105 rar5: fix infinite loop if during rar5 decompression the last block produced no data #2027 xz filter: fix incorrect eof at the end of an lzip member #2043 zip: fix end-of-data marker processing when decompressing zip archives PR: 278315 (exp-run) MFC after: 1 week
|
#
c3afd20f |
|
01-Dec-2020 |
Martin Matuska <mm@FreeBSD.org> |
MFV r368207: Update libarchive to 3.5.0 Relevant vendor changes: Issue #1258: add archive_read_support_filter_by_code() PR #1347: mtree digest reader support Issue #1381: skip hardlinks pointing to itself on extraction PR #1387: fix writing of cpio archives with hardlinks without file type PR #1388: fix rdev field in cpio format for device nodes PR #1389: completed support for UTF-8 encoding conversion PR #1405: more formats in archive_read_support_format_by_code() PR #1408: fix uninitialized size in rar5_read_data PR #1409: system extended attribute support PR #1435: support for decompression of symbolic links in zipx archives Issue #1456: memory leak after unsuccessful archive_write_open_filename MFC after: 1 week
|
#
a39fc08d |
|
12-Feb-2019 |
Martin Matuska <mm@FreeBSD.org> |
MFV r344063: Sync libarchive with vendor. Relevant vendor changes: PR #1085: Fix a null pointer dereference bug in zip writer PR #1110: ZIP reader added support for XZ, LZMA, PPMD8 and BZIP2 decopmpression PR #1116: Add support for 64-bit ar format PR #1120: Fix a 7zip crash [1] and a ISO9660 infinite loop [2] PR #1125: RAR5 reader - fix an invalid read and a memory leak PR #1131: POSIX reader - do not fail when tree_current_lstat() fails due to ENOENT [3] PR #1134: Delete unnecessary null pointer checks before calls of free() OSS-Fuzz 10843: Force intermediate to uint64_t to make UBSAN happy. OSS-Fuzz 11011: Avoid buffer overflow in rar5 reader PR: 233006 [3] Security: CVE-2019-1000019 [1], CVE-2019-1000020 [2] MFC after: 2 weeks
|
#
98bf66e6 |
|
13-Dec-2018 |
Martin Matuska <mm@FreeBSD.org> |
MFV r341771,342040,342041: Sync libarchive with vendor. Relevant vendor changes: PR #1102: RAR5 reader - fix big-endian problems PR #1105: Fix various crash, memory corruption and infinite loop conditions PR #1107: RAR5 reader: removed an unused function: bf_is_last_block MFC after: 1 week
|
#
7d69e4cd |
|
26-Nov-2018 |
Martin Matuska <mm@FreeBSD.org> |
MFV r340938: Sync libarchive with vendor. Relevant vendor changes: Issue #1096: Support extracting ACLs with in-entry comments (GNU tar) PR #1023: Support extracting extattrs as non-root on non-user-writeable files MFC after: 1 week
|
#
276f481d |
|
23-Nov-2018 |
Martin Matuska <mm@FreeBSD.org> |
MFV r340865: Sync libarchive with vendor. Relevant vendor changes: PR #1080: Spelling fixes PR #1084: RAR5 reader bugfixes PR #1091: fix use-after-free in delayed newc link processing PR #1092: Fix a few obvious resource leaks and strcpy() misuses MFC after: 1 week
|
#
482a8150 |
|
20-Sep-2018 |
Martin Matuska <mm@FreeBSD.org> |
MFV r338797: Sync libarchive with vendor. Relevant vendor changes: PR #1019: Add allocation check for the zip_entry struct Oss-Fuzz #10192: Handle whitespace-only ACL fields correctly Approved by: re (kib) MFC after: 1 week
|
#
a2a3407c |
|
24-Jan-2018 |
Martin Matuska <mm@FreeBSD.org> |
MFV r328323,328324: Sync libarchive with vendor. Relevant vendor changes: PR #893: delete dead ppmd7 alloc callbacks PR #904: Fix archive freeing bug in bsdcat PR #961: Fix ZIP format names PR #962: Don't modify attributes for existing directories when ARCHIVE_EXTRACT_NO_OVERWRITE is set PR #964: Fix -Werror=implicit-fallthrough= for GCC 7 PR #970: zip: Allow backslash as path separator MFC after: 1 week
|
#
5d6770bd |
|
15-Feb-2017 |
Martin Matuska <mm@FreeBSD.org> |
MFV r313781: Sync libarchive with vendor Vendor changes: Make SCHILY.acl.ace header more compact (NFSv4 ACLs) Vendor bugfixes: zip reader integer parsing fix (OSS-Fuzz 556) spelling fixes (issue #863)
|
#
9f3de9e2 |
|
01-Feb-2017 |
Martin Matuska <mm@FreeBSD.org> |
MFV r313071: Sync libarchive with vendor Vendor changes (relevant to FreeBSD): - support extracting NFSv4 ACLs from Solaris tar archives - bugfixes and optimizations in the ACL code - multiple fixes in the test suite - typo and other small bugfixes Security fixes: - cab reader: endless loop when parsing MSZIP signature (OSS-Fuzz 335) - LHA reader: heap-buffer-overflow in lha_read_file_header_1() (CVE-2017-5601) - LZ4 reader: null-pointer dereference in lz4_filter_read_legacy_stream() (OSS-Fuzz 453) - mtree reader: heap-buffer-overflow in detect_form() (OSS-Fuzz 421, 443) - WARC reader: heap-buffer-overflow in xstrpisotime() (OSS-Fuzz 382, 458) Memory leak fixes: - ACL support: free memory allocated by acl_get_qualifier() - disk writer: missing free in create_filesystem_object() - file reader: fd leak (Coverity 1016755) - gnutar writer: fix free in archive_write_gnutar_header() (Coverity 101675) - iso 9660 reader: missing free in parse_file_info() (partial Coverity 1016754) - program reader: missing free in __archive_read_program() - program writer: missing free in __archive_write_program_free() - xar reader: missing free in xar_cleanup() - xar reader: missing frees in expat_xmlattr_setup() (Coverity 1229979-1229981) - xar writer: missing free in file_free() - zip reader: missing free in zip_read_local_file_header() MFC after: 1 week X-MFC with: 310866, 310868, 310870, 311899
|
#
2dbf8c4a |
|
10-Jan-2017 |
Martin Matuska <mm@FreeBSD.org> |
MFV r311899: Sync libarchive with vendor. Vendor bugfixes: #691: Support for SCHILY.xattr extended attributes #854: Spelling fixes Multiple fixes in ACL code: - prefer acl_set_fd_np() to acl_set_fd() - if acl_set_fd_np() fails, do no fallback to acl_set_file() - do not warn if trying to write ACLs to a filesystem without ACL support - fix id handling in archive_acl_(from_to)_text*() for NFSv4 ACLs MFC after: 1 week X-MFC with: r310866
|
#
e9ed7ea4 |
|
30-Dec-2016 |
Martin Matuska <mm@FreeBSD.org> |
MFV r310796, r310797: Sync libarchive with vendor. Vendor changes (relevant to FreeBSD): PR #771: Add NFSv4 ACL support to pax and restricted pax NFSv4 ACL information may now be stored to and restored from tar archives. ACL must be non-trivial and supported by the underlying filesystem, e.g. natively by ZFS or by UFS with the NFSv4 ACL enable flag set. MFC after: 2 weeks Relnotes: yes
|
#
6a414569 |
|
16-Dec-2016 |
Martin Matuska <mm@FreeBSD.org> |
MFV r310115,310184: Sync libarchive with vendor. Vendor bugfixes (relevant to FreeBSD): PR 830, 831, 833: Spelling fixes OSS-Fuzz 227, 230, 239: Fix possible memory leak in archive_read_free() OSS-Fuzz 237: Fix heap buffer overflow when reading invalid ar archives MFC after: 1 week
|
#
d5d08d29 |
|
29-Nov-2016 |
Martin Matuska <mm@FreeBSD.org> |
MFV r309299: Sync libarchive with vendor. Important vendor bugfixes (relevant to FreeBSD): #821: tar -P cannot extract hardlinks through symlinks #825: Add sanity check of tar "uid, "gid" and "mtime" fields PR: 213255 Reported by: Tijl Coosemans <tilj@FreeBSD.org> MFC after: 1 week
|
#
47af42f8 |
|
05-Sep-2016 |
Martin Matuska <mm@FreeBSD.org> |
MFV r305420: Sync libarchive with vendor Vendor issues fixed: PR #777: Multiple bugfixes for setup_acls() This includes a bugfix for a bug that caused ACLs not to be read properly for files and directories inside subdirectories and as a result not being stored or being incorrectly stored in tar archives. MFC after: 3 days
|
#
c438d384 |
|
29-Aug-2016 |
Martin Matuska <mm@FreeBSD.org> |
Revert r304869 This commit was incorrect and will be re-committed asap. |
#
c4676089 |
|
26-Aug-2016 |
Martin Matuska <mm@FreeBSD.org> |
MFV r304866: Sync libarchive with vendor including security fixes Vendor issues fixed: Issue #731: Reject tar entries >= INT64_MAX Issue #744 (part of Issue #743): Enforce sandbox with very long pathnames Issue #748: Zip decompression failure with highly-compressed data Issue #767: Buffer overflow printing a filename Issue #770: Zip read: be more careful about extra_length MFC after: 3 days
|
#
fd082e96 |
|
28-Jul-2012 |
Martin Matuska <mm@FreeBSD.org> |
Update libarchive to 3.0.4
|
#
6c95142e |
|
25-Feb-2012 |
Martin Matuska <mm@FreeBSD.org> |
Update libarchive to 3.0.3 Some of new features: - New readers: RAR, LHA/LZH, CAB reader, 7-Zip - New writers: ISO9660, XAR - Improvements to many formats, especially including ISO9660 and Zip - Stackable write filters to write, e.g., tar.gz.uu in a single pass - Exploit seekable input; new "seekable" Zip reader can exploit the Zip Central Directory when it's available; the old "streamable" Zip reader is still fully supported for cases where seeking is not possible. Full release notes available at: https://github.com/libarchive/libarchive/wiki/ReleaseNotes
|
#
c438d384 |
|
29-Aug-2016 |
Martin Matuska <mm@FreeBSD.org> |
Revert r304869 This commit was incorrect and will be re-committed asap.
|