Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: bsdtar | Distribution: openSUSE:Factory:zSystems |
Version: 3.7.4 | Vendor: openSUSE |
Release: 3.1 | Build date: Thu Jun 20 16:56:58 2024 |
Group: Productivity/Archiving/Compression | Build host: reproducible |
Size: 1928730 | Source RPM: libarchive-3.7.4-3.1.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: https://www.libarchive.org/ | |
Summary: Utility to read several different streaming archive formats |
This package contains the bsdtar cmdline utility.
BSD-2-Clause
* Thu Jun 20 2024 Antonio Teixeira <antonio.teixeira@suse.com> - Update lib-suffix.patch * Add LIB_SUFFIX to libdir path in the pkg-config file * Wed May 22 2024 Danilo Spinella <danilo.spinella@suse.com> - Fix bsdunzip test failing due to a locale issue * fix-bsdunzip-test.patch * Tue Apr 30 2024 Danilo Spinella <danilo.spinella@suse.com> - Update to 3.7.4: * rar: Fix OOB in rar e8 filter (CVE-2024-26256, bsc#1222911) * zip: Fix out of boundary access * 7zip: Limit amount of properties * bsdtar: Fix error handling around strtol() usages * passphrase: Improve newline handling on Windows * passphrase: Never allow empty passwords * rar: Fix "File CRC Error" when extracting specific rar4 archives * xar: Avoid infinite link loop * zip: Update AppleDouble support for directories * zstd: Implement core detection - Update to 3.7.3: * PCRE2 support * add trailing letter b to bsdtar(1) substitute pattern * add support for long options "--group" and "--owner" to tar(1) * Fix possible vulnerability in tar error reporting introduced in f27c173 * ISO9660: preserve the natural order of links * rar5: fix decoding unicode filenames on Windows * rar5: fix infinite loop if during rar5 decompression the last block produced no data * xz filter: fix incorrect eof at the end of an lzip member * zip: fix end-of-data marker processing when decompressing zip archives * multiple bsdunzip(1) fixes * filetime truncation fix on Windows - Fix rpmlint warning about summary being too long * Fri Dec 29 2023 Dirk Müller <dmueller@suse.com> - skip write tests on 32bit, they OOM * Sun Sep 17 2023 Dirk Müller <dmueller@suse.com> - update to 3.7.2: * Multiple vulnerabilities have been fixed in the PAX writer * bsdunzip(1) now correctly handles arguments following an - x after the zipfile * zstd filter now supports the "long" write option * SEGV and stack buffer overflow in verbose mode of cpio * bsdunzip updated to match latest upstream code * miscellaneous functional bugfixes * Mon Jul 24 2023 Bernhard Wiedemann <bwiedemann@suse.com> - update to 3.7.0 * bsdunzip port from FreeBSD * fix 2 year 2038 issues * Fri Dec 23 2022 Dirk Müller <dmueller@suse.com> - update to 3.6.2 (bsc#1205629, CVE-2022-36227) * NULL pointer dereference vulnerability in archive_write.c * include ZSTD in Windows builds (#1688) * SSL fixes on Windows (#1714, #1723, #1724) * rar5 reader: fix possible garbled output with bsdtar -O (#1745) * mtree reader: support reading mtree files with tabs (#1783) * various small fixes for issues found by CodeQL - Drop upstream merged CVE-2022-36227.patch * Tue Nov 22 2022 Danilo Spinella <danilo.spinella@suse.com> - Fix CVE-2022-36227, Handle a calloc returning NULL (CVE-2022-36227, bsc#1205629) * CVE-2022-36227.patch * Fri Apr 08 2022 Dirk Müller <dmueller@suse.com> - update to 3.6.1: * 7zip reader: fix PPMD read beyond boundary (#1671) * ZIP reader: fix possible out of bounds read (OSS-Fuzz 38766 #1672) * ISO reader: fix possible heap buffer overflow in read_children() (OSS-Fuzz 38764, #1685) * RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in libarchive 3.6.0) * fix heap use after free in archive_read_format_rar_read_data() (OSS-Fuzz 44547, 52efa50) * fix null dereference in read_data_compressed() (OSS-Fuzz 44843, 1271f77) * fix heap user after free in run_filters() (OSS-Fuzz 46279, #1715) - Drop upstream merged fix-CVE-2022-26280.patch * Thu Apr 07 2022 Danilo Spinella <danilo.spinella@suse.com> - Fix CVE-2022-26280 out-of-bounds read via the component zipx_lzma_alone_init (CVE-2022-26280, bsc#1197634) * fix-CVE-2022-26280.patch * Thu Feb 24 2022 Ferdinand Thiessen <rpm@fthiessen.de> - Update to 3.6.0 * Fix use-after-free bug (CVE-2021-36976) * tar: new option "--no-read-sparse" * tar: threads support for zstd * RAR reader: filter support * RAR5 reader: self-extracting archive support * ZIP reader: zstd decompression support * tar: respect "--ignore-zeros" in c, r and u modes * reduced size of application binaries * internal code optimizations - Drop upstream merged: * fix-following-symlinks.patch * fix-CVE-2021-36976.patch * Wed Feb 23 2022 Danilo Spinella <danilo.spinella@suse.com> - Fix CVE-2021-36976 use-after-free in copy_string (CVE-2021-36976, bsc#1188572) * fix-CVE-2021-36976.patch - The following issues have already been fixed in this package but weren't previously mentioned in the changes file: CVE-2017-5601, bsc#1022528, bsc#1189528 * Mon Nov 29 2021 Adrian Schröter <adrian@suse.de> - fix permission settings on following symlinks (fix-following-symlinks.patch) this fixes also wrong permissions of /var/tmp in factory systems CVE-2021-31566 * Sun Nov 07 2021 Andreas Stieger <andreas.stieger@gmx.de> - update to 3.5.2: * CPIO: Support for PWB and v7 binary cpio formats * ZIP reader: Support of deflate algorithm in symbolic link decompression * security: fix handling of symbolic link ACLs on Linux (boo#1192425) * security: never follow symlinks when setting file flags on Linux (boo#1192426) * security: do not follow symlinks when processing the fixup list (boo#1192427) * fix extraction of hardlinks to symlinks * 7zip reader and writer fixes * RAR reader fixes * ZIP reader: fix excessive read for padded zip * CAB reader: fix double free * handle short writes from archive_write_callback - Drop upstream mereged: * CVE-2021-23177.patch * CVE-2021-31566.patch * bsc1192427.patch * Thu Oct 21 2021 Danilo Spinella <danilo.spinella@suse.com> - Fix CVE-2021-31566, modifies file flags of symlink target (CVE-2021-31566, bsc#1192426.patch) CVE-2021-31566.patch - Fix bsc#1192427, processing fixup entries may follow symbolic links bsc1192427.patch * Sun Sep 12 2021 Danilo Spinella <danilo.spinella@suse.com> - Fix CVE-2021-23177, extracting a symlink with ACLs modifies ACLs of target (CVE-2021-23177, bsc#1192425) * CVE-2021-23177.patch * Wed Jan 06 2021 Dirk Müller <dmueller@suse.com> - update to 3.5.1: * various compilation fixes (#1461, #1462, #1463, #1464) * fixed undefined behavior in a function in warc reader (#1465)
/usr/bin/bsdcat /usr/bin/bsdcpio /usr/bin/bsdtar /usr/bin/bsdunzip /usr/share/man/man1/bsdcat.1.gz /usr/share/man/man1/bsdcpio.1.gz /usr/share/man/man1/bsdtar.1.gz /usr/share/man/man1/bsdunzip.1.gz /usr/share/man/man5/libarchive-formats.5.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed Oct 2 01:38:08 2024