upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-02-15 08:38:13 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/lib/libarchive
History
Martin Matuska 4e9261006a libarchive: merge from vendor branch 
libarchive 3.8.1

New features:
 #2088 7-zip reader: improve self-extracting archive detection
 #2137 zip writer: added XZ, LZMA, ZSTD and BZIP2 support
 #2403 zip writer: added LZMA + RISCV BCJ filter
 #2601 bsdtar: support --mtime and --clamp-mtime
 #2602 libarchive: mbedtls 3.x compatibility

Security fixes:
 #2422 tar reader: Handle truncation in the middle of a GNU long linkname
       (CVE-2024-57970)
 #2532 tar reader: fix unchecked return value in list_item_verbose()
       (CVE-2025-25724)
 #2532 unzip: fix null pointer dereference (CVE-2025-1632)
 #2568 warc: prevent signed integer overflow (CVE-2025-5916)
 #2584 rar: do not skip past EOF while reading (CVE-2025-5918)
 #2588 tar: fix overflow in build_ustar_entry (CVE-2025-5917)
 #2598 rar: fix double free with over 4 billion nodes (CVE-2025-5914)
 #2599 rar: fix heap-buffer-overflow (CVE-2025-5915)

Important bugfixes:
 #2399 7-zip reader: add SPARC filter support for non-LZMA compressors
 #2405 tar reader: ignore ustar size when pax size is present
 #2435 tar writer: fix bug when -s/a/b/ used more than once with b flag
 #2459 7-zip reader: add POWERPC filter support for non-LZMA compressors
 #2519 libarchive: handle ARCHIVE_FILTER_LZOP in archive_read_append_filter
 #2539 libarchive: add missing seeker function to archive_read_open_FILE()
 #2544 gzip: allow setting the original filename for gzip compressed files
 #2564 libarchive: improve lseek handling
 #2582 rar: support large headers on 32 bit systems
 #2587 bsdtar: don't hardlink negative inode files together
 #2596 rar: support large headers on 32 bit systems
 #2606 libarchive: support @-prefixed Unix epoch timestamps as date strings
 #2634 tar: Support negative time values with pax
 #2637 tar: Keep block alignment after pax error
 #2642 libarchive: fix FILE_skip regression
 #2643 tar: Handle extra bytes after sparse entries
 #2649 compress: Prevent call stack overflow
 #2651 iso9660: always check archive_string_ensure return value

CVE:		CVE-2024-57970, CVE-2025-1632, CVE-2025-25724,
		CVE-2025-5914, CVE-2025-5915, CVE-2025-5916,
		CVE-2025-5917, CVE-2025-5918
PR:		286944 (exp-run, main, libarchive 3.8.0)
Approved by:	so
Security:	FreeBSD-SA-25:07.libarchive

(cherry picked from commit 2e113ef82465598b8c26e0ca415fbe90677fbd47)
(cherry picked from commit 6dad4525a2910496ecf3c41de659aac906f6c1f4)
2025-08-08 11:49:21 +02:00
..
tests libarchive: merge from vendor branch 2025-08-08 11:49:21 +02:00
config_freebsd.h Remove $FreeBSD$: two-line .h pattern 2023-08-16 11:54:16 -06:00
Makefile libarchive: merge from vendor branch 2025-08-08 11:49:21 +02:00
Makefile.depend Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
Makefile.depend.options Remove $FreeBSD$: one-line sh pattern 2023-08-16 11:55:03 -06:00
Makefile.inc libarchive: fix thread autodetermination for zstd compression format 2024-06-27 10:53:41 +02:00