
No commits in common. 'i10cs' and 'c9' have entirely different histories.
i10cs ... c9

2
.gitignore vendored

@ -1 +1 @@
SOURCES/libarchive-3.7.7.tar.gz SOURCES/libarchive-3.5.3.tar.gz

@ -1 +1 @@
918692098b11db61aff23684ab04f375e4a68f69 SOURCES/libarchive-3.7.7.tar.gz 361b38405f4d6d01b22e4534aa7c217f5fa2db56 SOURCES/libarchive-3.5.3.tar.gz

@ -1,24 +0,0 @@
From 375bbe7d20284f205ebb73652ef61ae6fceac344 Mon Sep 17 00:00:00 2001
From: Lukas Javorsky <ljavorsk@redhat.com>
Date: Tue, 18 Jul 2023 10:29:22 +0000
Subject: [PATCH] Drop rmd160 from OpenSSL
---
configure.ac | 1 -
1 file changed, 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 7f5dbdf..179fb2d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1300,7 +1300,6 @@ if test "x$with_openssl" != "xno"; then
LIBSREQUIRED="$LIBSREQUIRED${LIBSREQUIRED:+ }libcrypto"
AC_CHECK_LIB(crypto,OPENSSL_config)
CRYPTO_CHECK(MD5, OPENSSL, md5)
- CRYPTO_CHECK(RMD160, OPENSSL, rmd160)
CRYPTO_CHECK(SHA1, OPENSSL, sha1)
CRYPTO_CHECK(SHA256, OPENSSL, sha256)
CRYPTO_CHECK(SHA384, OPENSSL, sha384)
--
2.41.0

@ -0,0 +1,14 @@
# Patch sources from libarchive upstream
# Source: https://github.com/libarchive/libarchive/commit/cfaa28168a07ea4a53276b63068f94fce37d6aff
--- libarchive-3.5.3/libarchive/archive_read_support_format_zip.c.old 2022-05-18 08:55:50.861574517 +0000
+++ libarchive-3.5.3/libarchive/archive_read_support_format_zip.c 2022-05-18 08:57:03.049574517 +0000
@@ -1657,7 +1657,7 @@ zipx_lzma_alone_init(struct archive_read
*/
/* Read magic1,magic2,lzma_params from the ZIPX stream. */
- if((p = __archive_read_ahead(a, 9, NULL)) == NULL) {
+ if(zip->entry_bytes_remaining < 9 || (p = __archive_read_ahead(a, 9, NULL)) == NULL) {
archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
"Truncated lzma data");
return (ARCHIVE_FATAL);
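Review bot: The new `zip->entry_bytes_remaining < 9` guard in zipx_lzma_alone_init has no comment explaining why the entry's remaining length is checked before `__archive_read_ahead`, and the comment above it still describes only the read. The spec file lists this upstream commit as the source of the CVE-2022-26280 patch, so the guard deserves a line such as `/* The entry must still hold the 9-byte magic1/magic2/lzma_params header before we read it. */`. The literal 9 now appears twice on one line and the two uses must stay in step. The function starts and ends outside the hunk, so how the nine bytes are consumed afterwards is not visible here.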

@ -0,0 +1,38 @@
From bff38efe8c110469c5080d387bec62a6ca15b1a5 Mon Sep 17 00:00:00 2001
From: obiwac <obiwac@gmail.com>
Date: Fri, 22 Jul 2022 22:41:10 +0200
Subject: [PATCH] libarchive: Handle a `calloc` returning NULL (fixes #1754)
---
libarchive/archive_write.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/libarchive/archive_write.c b/libarchive/archive_write.c
index 66592e82..27626b54 100644
--- a/libarchive/archive_write.c
+++ b/libarchive/archive_write.c
@@ -201,6 +201,10 @@ __archive_write_allocate_filter(struct archive *_a)
struct archive_write_filter *f;
f = calloc(1, sizeof(*f));
+
+ if (f == NULL)
+ return (NULL);
+
f->archive = _a;
f->state = ARCHIVE_WRITE_FILTER_STATE_NEW;
if (a->filter_first == NULL)
@@ -548,6 +552,10 @@ archive_write_open2(struct archive *_a, void *client_data,
a->client_data = client_data;
client_filter = __archive_write_allocate_filter(_a);
+
+ if (client_filter == NULL)
+ return (ARCHIVE_FATAL);
+
client_filter->open = archive_write_client_open;
client_filter->write = archive_write_client_write;
client_filter->close = archive_write_client_close;
--
2.37.3
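Review bot: In archive_write_open2 the new `return (ARCHIVE_FATAL);` leaves the archive object without an error code or message, so a caller that inspects the error after an out-of-memory failure learns nothing. Adding `archive_set_error(&a->archive, ENOMEM, "Can't allocate memory for filter");` before the return would fix that. `__archive_write_allocate_filter` can now return NULL, so every caller has to check the result. Only archive_write_open2 is updated in this patch, and any other call sites are outside what is shown. Both functions continue beyond their hunks.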

@ -0,0 +1,41 @@
From afef3d7fc131df0dac09a46b8673898860a193db Mon Sep 17 00:00:00 2001
From: Zdenek Zambersky <zzambers@redhat.com>
Date: Tue, 11 Jan 2022 14:43:27 +0100
Subject: [PATCH] Fixed size filed in pax header
---
libarchive/archive_write_set_format_pax.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/libarchive/archive_write_set_format_pax.c b/libarchive/archive_write_set_format_pax.c
index a2b27107..52911491 100644
--- a/libarchive/archive_write_set_format_pax.c
+++ b/libarchive/archive_write_set_format_pax.c
@@ -1028,10 +1028,8 @@ archive_write_pax_header(struct archive_write *a,
archive_string_init(&entry_name);
archive_strcpy(&entry_name, archive_entry_pathname(entry_main));
- /* If file size is too large, add 'size' to pax extended attrs. */
+ /* If file size is too large, we need pax extended attrs. */
if (archive_entry_size(entry_main) >= (((int64_t)1) << 33)) {
- add_pax_attr_int(&(pax->pax_header), "size",
- archive_entry_size(entry_main));
need_extension = 1;
}
@@ -1347,6 +1345,12 @@ archive_write_pax_header(struct archive_write *a,
mapsize + pax->sparse_map_padding + sparse_total);
}
+ /* If file size is too large, add 'size' to pax extended attrs. */
+ if (archive_entry_size(entry_main) >= (((int64_t)1) << 33)) {
+ add_pax_attr_int(&(pax->pax_header), "size",
+ archive_entry_size(entry_main));
+ }
+
/* Format 'ustar' header for main entry.
*
* The trouble with file size: If the reader can't understand
--
2.34.3
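Review bot: The test `archive_entry_size(entry_main) >= (((int64_t)1) << 33)` now appears twice in archive_write_pax_header, once to set `need_extension` and once to emit the `size` attribute, and nothing ties the two copies together. A named constant for the 2^33 limit would keep them from diverging. The relocated comment should also say why the attribute is written this late, for example `/* Add 'size' only here, once the entry size is final. */`, assuming that is the reason for the move, which the hunks do not show. Most of the function body lies outside both hunks.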

@ -0,0 +1,15 @@
--- libarchive-3.5.1/libarchive/archive_digest.c.old 2021-05-27 15:46:54.988302284 +0200
+++ libarchive-3.5.1/libarchive/archive_digest.c 2021-05-27 15:50:03.519746886 +0200
@@ -432,9 +432,11 @@
static int
__archive_ripemd160init(archive_rmd160_ctx *ctx)
{
+ int ret;
if ((*ctx = EVP_MD_CTX_new()) == NULL)
return (ARCHIVE_FAILED);
- EVP_DigestInit(*ctx, EVP_ripemd160());
+ if (!(ret = EVP_DigestInit(*ctx, EVP_ripemd160())))
+ return (ARCHIVE_FAILED);
return (ARCHIVE_OK);
}
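Review bot: When `EVP_DigestInit` fails in __archive_ripemd160init, the context created by `EVP_MD_CTX_new()` just above stays in `*ctx` and is not released on this path. Unless the caller frees it after a failed init, which is not visible here, it leaks. I would put `EVP_MD_CTX_free(*ctx); *ctx = NULL;` in a braced failure branch before the new `return (ARCHIVE_FAILED);`. The new local `ret` is assigned and never read, so the test can be written `if (!EVP_DigestInit(*ctx, EVP_ripemd160()))` and the declaration dropped.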

@ -1,21 +1,22 @@
%bcond_without check %bcond_without check
Name: libarchive Name: libarchive
Version: 3.7.7 Version: 3.5.3
Release: 1%{?dist} Release: 4%{?dist}
Summary: A library for handling streaming archive formats Summary: A library for handling streaming archive formats
# Licenses: License: BSD
# ./configure: FSFUL
# ./build/autoconf/lib-ld.m4: FSFULLR
# ./configure: FSFUL
# ./unzip/la_queue.h: BSD-3-Clause
# ./aclocal.m4: (FSFULLR and/or GPL-2) with Libtool-exception exception
License: BSD-2-Clause AND FSFULLR AND GPL-2.0-or-later WITH Libtool-exception AND BSD-3-Clause AND FSFUL
URL: https://www.libarchive.org/ URL: https://www.libarchive.org/
Source0: https://libarchive.org/downloads/%{name}-%{version}.tar.gz Source0: https://libarchive.org/downloads/%{name}-%{version}.tar.gz
BuildRequires: autoconf Patch1: openssl3-rmd160failure.patch
# Source: https://github.com/libarchive/libarchive/commit/cfaa28168a07ea4a53276b63068f94fce37d6aff
Patch2: %{name}-3.5.3-Fix-CVE-2022-26280.patch
# Source: https://github.com/libarchive/libarchive/commit/b1b501161013296d19dfe9acb84a341c8a1755b9
Patch3: %{name}-3.5.3-Fix-size-filed-in-pax-header.patch
# Source: https://github.com/libarchive/libarchive/commit/fd180c36036df7181a64931264732a10ad8cd024
Patch4: %{name}-3.5.3-Fix-CVE-2022-36227.patch
BuildRequires: automake BuildRequires: automake
BuildRequires: bison BuildRequires: bison
BuildRequires: bzip2-devel BuildRequires: bzip2-devel
@ -23,7 +24,6 @@ BuildRequires: e2fsprogs-devel
BuildRequires: gcc BuildRequires: gcc
BuildRequires: libacl-devel BuildRequires: libacl-devel
BuildRequires: libattr-devel BuildRequires: libattr-devel
BuildRequires: libtool
BuildRequires: libxml2-devel BuildRequires: libxml2-devel
BuildRequires: libzstd-devel BuildRequires: libzstd-devel
BuildRequires: lz4-devel BuildRequires: lz4-devel
@ -37,13 +37,6 @@ BuildRequires: xz-devel
BuildRequires: zlib-devel BuildRequires: zlib-devel
BuildRequires: make BuildRequires: make
# When configured against OpenSSL 1.1, the RIPEMD-160 support was not detected,
# so it was not compiled in previously. With OpenSSL 3.0, it's now detected as
# being available, but it only actually works when the legacy provider is
# loaded, which breaks the RIPEMD-160 test. This patch disables the RIPEMD-160
# support explicitly.
Patch0001: 0001-Drop-rmd160-from-OpenSSL.patch
%description %description
Libarchive is a programming library that can create and read several different Libarchive is a programming library that can create and read several different
streaming archive formats, including most popular tar variants, several cpio streaming archive formats, including most popular tar variants, several cpio
@ -87,21 +80,12 @@ The bsdcat program typically takes a filename as an argument or reads standard
input when used in a pipe. In both cases decompressed data it written to input when used in a pipe. In both cases decompressed data it written to
standard output. standard output.
%package -n bsdunzip
Summary: Extract files from a ZIP archive
Requires: %{name}%{?_isa} = %{version}-%{release}
%description -n bsdunzip
The bsdunzip package contains standalone bsdunzip utility split off regular
libarchive packages. It is designed to provide an interface compatible with Info-ZIP's.
%prep %prep
%autosetup -p1 %autosetup -p1
%build %build
autoreconf -ifv
%configure --disable-static LT_SYS_LIBRARY_PATH=%_libdir %configure --disable-static LT_SYS_LIBRARY_PATH=%_libdir
%make_build %make_build
@ -232,104 +216,41 @@ run_testsuite
%{_bindir}/bsdcat %{_bindir}/bsdcat
%{_mandir}/*/bsdcat* %{_mandir}/*/bsdcat*
%files -n bsdunzip
%{!?_licensedir:%global license %%doc}
%license COPYING
%doc NEWS README.md
%{_bindir}/bsdunzip
%{_mandir}/*/bsdunzip*
%changelog %changelog
* Mon Nov 18 2024 Lukas Javorsky <ljavorsk@redhat.com> - 3.7.7-1 * Wed Nov 23 2022 Lukas Javorsky <ljavorsk@redhat.com> - 3.5.3-4
- Rebase to version 3.7.7
- Fixing SAST issues, accepted by upstream
- Resolves: RHEL-39391 RHEL-67895
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 3.7.2-9
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
* Fri Oct 25 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 3.7.2-7
- Rebuilt for MSVSphere 10
* Mon Oct 14 2024 Lukas Javorsky <ljavorsk@redhat.com> - 3.7.2-7
- Fix CVE-2024-48957
- Resolves: RHEL-62015
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 3.7.2-7
- Bump release for June 2024 mass rebuild
* Thu Jun 06 2024 Lukas Javorsky <ljavorsk@redhat.com> - 3.7.2-6
- Fix CVE-2024-20696
- Resolves: RHEL-40042
* Mon May 27 2024 Lukas Javorsky <ljavorsk@redhat.com> - 3.7.2-5
- Fix for CVE-2024-26256
* Tue May 14 2024 Lukas Javorsky <ljavorsk@redhat.com> - 3.7.2-4
- Add forgotten licenses and migrate them to SPDX format
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.7.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.7.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Tue Sep 12 2023 Lukas Javorsky <ljavorsk@redhat.com> - 3.7.2-1
- Rebase to version 3.7.2
* Mon Jul 31 2023 Lukas Javorsky <ljavorsk@redhat.com> - 3.7.1-1
- Rebase to version 3.7.1
* Tue Jul 25 2023 Lukas Javorsky <ljavorsk@redhat.com> - 3.7.0-1
- Rebase to version 3.7.0
- Add new bsdunzip subpackage
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Feb 08 2023 Davide Cavalca <dcavalca@fedoraproject.org> - 3.6.1-5
- Backport upstream PR#1772 for better pathname portability across OS
Resolves: #2136961
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Dec 02 2022 Lukas Javorsky <ljavorsk@redhat.com> - 3.6.1-3
- Resolves: CVE-2022-36227 - Resolves: CVE-2022-36227
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.1-2 * Tue Jul 12 2022 Lukas Javorsky <ljavorsk@redhat.com> - 3.5.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild - Resolves: #2106651
* Fri Apr 08 2022 Lukas Javorsky <ljavorsk@redhat.com> - 3.6.1-1 * Wed May 18 2022 Lukas Javorsky <ljavorsk@redhat.com> - 3.5.3-2
- Rebase to version 3.6.1 - Resolves: CVE-2022-26280
- Resolves: #2071934
* Tue Feb 22 2022 Matej Mužila <mmuzila@redhat.com> - 3.6.0-1
- Rebase to version 3.6.0
- Resolves: #2051860
* Mon Feb 14 2022 Lukas Javorsky <ljavorsk@redhat.com> - 3.5.3-1 * Mon Feb 14 2022 Lukas Javorsky <ljavorsk@redhat.com> - 3.5.3-1
- Rebase to version 3.5.3 - Rebase to version 3.5.3
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.2-5 * Mon Aug 23 2021 Ondrej Dubaj <odubaj@redhat.com> - 3.5.2-1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild - Rebased to version 3.5.2 (#1996634)
- Fixed symlink handling
* Fri Dec 03 2021 Stephen Gallagher <sgallagh@redhat.com> - 3.5.2-5 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 3.5.1-7
- Drop RIPEMD-160 support for OpenSSL 3.0 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 3.5.2-3 * Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 3.5.1-6
- Rebuilt with OpenSSL 3.0.0 - Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Mon Aug 30 2021 Ondrej Dubaj <odubaj@redhat.com> - 3.5.2-2 * Thu May 27 2021 Petr Kubat <pkubat@redhat.com> - 3.5.1-5
- Fixed symlink handling - Return error when ripemd160 is used with OpenSSL3 (#1962067)
* Mon Aug 23 2021 Ondrej Dubaj <odubaj@redhat.com> - 3.5.2-1 * Mon May 10 2021 Ondrej Dubaj <odubaj@redhat.com> - 3.5.1-4
- Rebased to version 3.5.2 - Fixed covscan issues (#1938755)
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.1-3 * Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 3.5.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.1-2 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
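Review bot: The c9 side of this spec carries security backports only for CVE-2022-26280 (Patch2) and CVE-2022-36227 (Patch4). The i10cs changelog also records fixes for CVE-2024-48957, CVE-2024-20696 and CVE-2024-26256, and these have no counterpart in the 3.5.3 patch list. Whether 3.5.3 contains the affected code cannot be told from this page, so each of the three should be checked against the 3.5.3 sources and either backported or recorded in the spec as not applicable. `Patch1:` is also the only patch line without an explanatory comment; `# Return an error when RIPEMD-160 is used with OpenSSL 3 (#1962067)` above it would match the changelog entry.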
