Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: libarchive13 | Distribution: openSUSE Leap 15.2 |
Version: 3.4.2 | Vendor: openSUSE |
Release: lp152.2.3 | Build date: Sat May 16 17:05:32 2020 |
Group: System/Libraries | Build host: lamb66 |
Size: 840196 | Source RPM: libarchive-3.4.2-lp152.2.3.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: http://www.libarchive.org/ | |
Summary: Library to work with several different streaming archive formats |
Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants and several cpio formats. It can also write shar archives and read ISO-9660 CDROM images. The bsdtar program is an implementation of tar(1) that is built on top of libarchive. It started as a test harness, but has grown and is now the standard system tar for FreeBSD 5 and 6. The libarchive library offers a number of features that make it both very flexible and very powerful. - Automatic format detection: libarchive can automatically determine both the compression and the archive format, regardless of the data source. Most tar implementations do not automatically detect the compression format, few implementation that can correctly do this when reading from stdin or a socket. (The tar program included with Gunnar Ritter's heirloom collection also does full automatic format detection.) - Writes POSIX formats: libarchive writes POSIX-standard formats, including "ustar," "pax interchange format," and the POSIX "cpio" format. - Supports pax interchange format: Pax interchange format (which, despite the name, is really an extended tar format) eliminates almost all limitations of historic tar formats and provides a standard method for incorporating vendor-specific extensions. libarchive exploits this extension mechanism to support ACLs and file flags, for example. (Joerg Schilling's star archiver is another open-source tar program that supports pax interchange format.) - Reads popular formats: libarchive can read GNU tar, ustar, pax interchange format, cpio, and older tar variants. The internal architecture is easily extensible. The only requirement for support is that it be possible to read the format without seeking in the file. (For example, a format that includes a compressed size field before the data cannot be correctly written without seeking.) - High-Level API: the libarchive API makes it fairly simple to build an archive from a list of filenames or to extract the entries from an archive. However, the API also provides extreme flexibility with regards to data sources. For example, there are generic hooks that allow you to write an archive to a socket or read data from an archive entry into a memory buffer. - Extensible. The internal design uses generic interfaces for compression, archive format detection and decoding, and archive data I/O. It should be very easy to add new formats, new compression methods, or new ways of reading/writing archives.
BSD-2-Clause
* Tue Feb 18 2020 Ismail Dönmez <idonmez@suse.com> - Switch back to cmake build now that cmake-mini exists, this will no longer create a build-cycle. * Wed Feb 12 2020 Ismail Dönmez <idonmez@suse.com> - Update to version 3.4.2 New features: * support for atomic file extraction (bsdtar -x --safe-writes) (#1289) * support for mbed TLS (PolarSSL) (#1301) Important bugfixes: * security fixes in RAR5 reader (#1280 #1326) * compression buffer fix in XAR writer (#1317) * fix uname and gname longer than 32 characters in PAX writer (#1319) * fix segfault when archiving hard links in ISO9660 and XAR writers (#1325) * fix support for extracting 7z archive entries with Delta filter (#987) * Mon Dec 30 2019 Ismail Dönmez <idonmez@suse.com> - Revert back to autoconf, cmake introduces a cycle. Leave cmake patches in since they are basically correct and might be useful in the future. * Mon Dec 30 2019 Ismail Dönmez <idonmez@suse.com> - Update to version 3.4.1 New features: * Unicode filename support for reading lha/lzh archives * New pax write option "xattrhdr" Important bugfixes: * security fixes in wide string processing (#1276 #1298) * security fixes in RAR5 reader (#1212 #1217 #1296) CVE-2019-19221 * security fixes and optimizations to write filter logic (#351) * security fix related to use of readlink(2) (1dae5a5) * sparse file handling fixes (#1218 #1260) - Drop CVE-2019-19221.patch and fix-zstd-test.patch, fixed upstream * Fri Nov 22 2019 Adrian Schröter <adrian@suse.de> - fix bsc#1157569 CVE-2019-19221.patch out-of-bounds read in libarchive * Sun Aug 18 2019 Ismail Dönmez <idonmez@suse.com> - Switch to cmake build - Add lib-suffix.patch to honor LIB_SUFFIX - Add fix-zstd-test.patch to fix zstd test - Add fix-soversion.patch to fix the soversion to 13 as autotools * Thu Jun 20 2019 Ismail Dönmez <idonmez@suse.com> - Add lz4 and zstd support - Add BuildRequires on liblz4-devel and libzstd-devel * Thu Jun 13 2019 Ismail Dönmez <idonmez@suse.com> - Update to version 3.4.0 * Support for file and directory symlinks on Windows * Read support for RAR 5.0 archives * Read support for ZIPX archives with xz, lzma, ppmd8 and bzip2 compression * Support for non-recursive list and extract * New tar option: --exclude-vcs * Improved file attribute support on Linux and file flags support on FreeBSD * Fix reading Android APK archives (#1055 ) * Fix problems related to unreadable directories (#1167) * A two-digit number of OSS-Fuzz issues was resolved in this release including CVE-2019-18408 - Add libarchive.keyring and validate the tarball signature - Drop all security patches, fixed upstream: * CVE-2018-1000877.patch * CVE-2018-1000878.patch * CVE-2018-1000879.patch * CVE-2018-1000880.patch * CVE-2019-1000019.patch * CVE-2019-1000020.patch * Tue Feb 05 2019 Adrian Schröter <adrian@suse.de> - Added patches: * CVE-2019-1000019.patch Fixes 7zip crash (boo#1124341) * CVE-2019-1000020.patch ISO9660 infinite loop fixed (boo#1124342) * Thu Jan 03 2019 Karol Babioch <kbabioch@suse.de> - Added patches: * CVE-2018-1000877.patch, which fixes a double free vulnerability in RAR decoder (CVE-2018-1000877 bsc#1120653) * CVE-2018-1000878.patch, which fixes a Use-After-Free vulnerability in RAR decoder (CVE-2018-1000878 bsc#1120654) * CVE-2018-1000879.patch, which fixes a NULL Pointer Dereference vulnerability in ACL parser (CVE-2018-1000879 bsc#1120656) * CVE-2018-1000880.patch, which fixes an improper input validation vulnerability in WARC parser (CVE-2018-1000880 bsc#1120659) - Make use of %license macro - Applied spec-cleaner * Tue Sep 18 2018 Jan Engelhardt <jengelh@inai.de> - Fix RPM groups. Remove idempotent %if..%endif guards. Diversify summaries. Set CFLAGS instead of re-defining optflags with itself. * Fri Sep 14 2018 Adrian Schröter <adrian@suse.de> - update to version 3.3.3 * Avoid super-linear slowdown on malformed mtree files * Many fixes for building with Visual Studio * NO_OVERWRITE doesn't change existing directory attributes * New support for Zstandard read and write filters - Fixes CVE-2017-14501, CVE-2017-14502, CVE-2017-14503 - fix-CVE-2017-14166.patch is obsolete * Thu Sep 07 2017 adrian@suse.de - update to version 3.3.2 * NFSv4 ACL support for Linux (librichacl) - fix-CVE-2017-14166.patch (boo#1057514) * Mon Apr 03 2017 adrian@suse.de - update to version 3.3.1 * Security & Feature release Details are not documented from upstream yet fix-extract-over-links.patch and libarchive-openssl.patch obsoleted * Fri Dec 02 2016 adrian@suse.com - fix extracting over symlinks: fix-extract-over-links.patch the problem is solved upstream different, but git master is too different atm. * Wed Oct 26 2016 adrian@suse.com - update to version 3.2.2 Unspecified security fixes, but at least: * CVE-2016-8687 * CVE-2016-8689 * CVE-2016-8688 * CVE-2016-5844 * CVE-2016-6250 * CVE-2016-5418 - obsoletes fix-build.patch * Sat Jul 23 2016 dmueller@suse.com - make bsdtar require a matching libarchive version to avoid missing symbol errors * Mon Jun 20 2016 adrian@suse.de - update to version 3.2.1 Fixes a number of security issues: CVE-2015-8934, CVE-2015-8933, CVE-2015-8917, CVE-2016-4301, CVE-2016-4300 - and fixing the build (fix-build.patch) * Thu Jun 16 2016 adrian@suse.de - limit size of symlinks in cpio archives (CVE-2016-4809, boo#984990) CVE-2016-4809.patch * Mon May 09 2016 adrian@suse.de - 4GB _constraints for ppc64le only, it would break other archs - update to version 3.2.0 * Fixes CVE-2016-1541 * Fixes CVE-2015-8928 * changes are only documented in git history * updated openssl patch * new bsdcat utility - removed obsolete patches for: * CVE-2013-0211.patch * directory-traversal-fix.patch * libarchive-xattr.patch * Fri May 06 2016 normand@linux.vnet.ibm.com - add _constraints memory 4096MB to avoid ppc64le build failure * Sat Sep 19 2015 astieger@suse.com - build static lib on RHEL 7 * Sun Mar 22 2015 astieger@suse.com - RHEL/CentOS build fix, skipping autoreconf * Sun Mar 15 2015 astieger@suse.com - add CVE for previous change * Thu Mar 05 2015 adrian@suse.com - fix a directory traversal in cpio tool (bnc#920870) directory-traversal-fix.patch CVE-2015-2304 * Tue Nov 11 2014 jsegitz@novell.com - Added CVE-2013-0211.patch to fix CVE-2013-0211 (bnc#800024)
/usr/lib64/libarchive.so.13 /usr/share/doc/packages/libarchive13 /usr/share/doc/packages/libarchive13/NEWS /usr/share/licenses/libarchive13 /usr/share/licenses/libarchive13/COPYING
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 11:31:35 2024