SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for bsdtar-3.3.3-101.1.x86_64.rpm :
Tue Feb 5 13:00:00 2019 adrianAATTsuse.de
- Added patches:

* CVE-2019-1000019.patch Fixes 7zip crash (boo#1124341)

* CVE-2019-1000020.patch ISO9660 infinite loop fixed (boo#1124342)

Thu Jan 3 13:00:00 2019 kbabiochAATTsuse.de
- Added patches:

* CVE-2018-1000877.patch, which fixes a double free vulnerability in RAR
decoder (CVE-2018-1000877 bsc#1120653)

* CVE-2018-1000878.patch, which fixes a Use-After-Free vulnerability in RAR
decoder (CVE-2018-1000878 bsc#1120654)

* CVE-2018-1000879.patch, which fixes a NULL Pointer Dereference
vulnerability in ACL parser (CVE-2018-1000879 bsc#1120656)

* CVE-2018-1000880.patch, which fixes an improper input validation
vulnerability in WARC parser (CVE-2018-1000880 bsc#1120659)
- Make use of %license macro
- Applied spec-cleaner

Tue Sep 18 14:00:00 2018 jengelhAATTinai.de
- Fix RPM groups. Remove idempotent %if..%endif guards.
Diversify summaries. Set CFLAGS instead of re-defining
optflags with itself.

Fri Sep 14 14:00:00 2018 adrianAATTsuse.de
- update to version 3.3.3

* Avoid super-linear slowdown on malformed mtree files

* Many fixes for building with Visual Studio

* NO_OVERWRITE doesn\'t change existing directory attributes

* New support for Zstandard read and write filters
- fix-CVE-2017-14166.patch is obsolete

Thu Sep 7 14:00:00 2017 adrianAATTsuse.de
- update to version 3.3.2

* NFSv4 ACL support for Linux (librichacl)
- fix-CVE-2017-14166.patch (boo#1057514)

Mon Apr 3 14:00:00 2017 adrianAATTsuse.de
- update to version 3.3.1

* Security & Feature release
Details are not documented from upstream yet
fix-extract-over-links.patch and libarchive-openssl.patch obsoleted

Fri Dec 2 13:00:00 2016 adrianAATTsuse.com
- fix extracting over symlinks: fix-extract-over-links.patch
the problem is solved upstream different, but git master
is too different atm.

Wed Oct 26 14:00:00 2016 adrianAATTsuse.com
- update to version 3.2.2
Unspecified security fixes, but at least:

* CVE-2016-8687

* CVE-2016-8689

* CVE-2016-8688

* CVE-2016-5844

* CVE-2016-6250

* CVE-2016-5418
- obsoletes fix-build.patch

Sat Jul 23 14:00:00 2016 dmuellerAATTsuse.com
- make bsdtar require a matching libarchive version to avoid
missing symbol errors

Mon Jun 20 14:00:00 2016 adrianAATTsuse.de
- update to version 3.2.1
Fixes a number of security issues:
CVE-2015-8934, CVE-2015-8933, CVE-2015-8917, CVE-2016-4301, CVE-2016-4300
- and fixing the build (fix-build.patch)

Thu Jun 16 14:00:00 2016 adrianAATTsuse.de
- limit size of symlinks in cpio archives (CVE-2016-4809, boo#984990)
CVE-2016-4809.patch

Mon May 9 14:00:00 2016 adrianAATTsuse.de
- 4GB _constraints for ppc64le only, it would break other archs
- update to version 3.2.0

* Fixes CVE-2016-1541

* Fixes CVE-2015-8928

* changes are only documented in git history

* updated openssl patch

* new bsdcat utility
- removed obsolete patches for:

* CVE-2013-0211.patch

* directory-traversal-fix.patch

* libarchive-xattr.patch

Fri May 6 14:00:00 2016 normandAATTlinux.vnet.ibm.com
- add _constraints memory 4096MB to avoid ppc64le build failure

Sat Sep 19 14:00:00 2015 astiegerAATTsuse.com
- build static lib on RHEL 7

Sun Mar 22 13:00:00 2015 astiegerAATTsuse.com
- RHEL/CentOS build fix, skipping autoreconf

Sun Mar 15 13:00:00 2015 astiegerAATTsuse.com
- add CVE for previous change

Thu Mar 5 13:00:00 2015 adrianAATTsuse.com
- fix a directory traversal in cpio tool (bnc#920870)
directory-traversal-fix.patch CVE-2015-2304

Tue Nov 11 13:00:00 2014 jsegitzAATTnovell.com
- Added CVE-2013-0211.patch to fix CVE-2013-0211 (bnc#800024)

Wed May 28 14:00:00 2014 crrodriguezAATTopensuse.org
- libarchive-xattr.patch, fix subtle wrong library check
that causes this package to depend on libattr when it should
be using glibc.

Sun Nov 24 13:00:00 2013 andreas.stiegerAATTgmx.de
- add optional -static-devel library package, intended to publish pixz
for CentOS / RHEL, default off
- skip some dependencies not required for pixz on CentOS / RHEL

Tue Aug 20 14:00:00 2013 crrodriguezAATTopensuse.org
- remove artificial dependencies on libacl-devel, libbz2-devel,
zlib-devel from libarchive-devel.

Mon Aug 19 14:00:00 2013 crrodriguezAATTopensuse.org
- libarchive-openssl.patch: Call OPENSSL_config where needed,
otherwise on systems configured to use openSSL engines such
as via-padlock wont benefit from hardware acceleration.

Fri Aug 16 14:00:00 2013 andreas.stiegerAATTgmx.de
- update to 3.1.2
This is a maintenance update to fix issues with the new RAR
seeking feature.
- libarchive\'s new website moved to http://www.libarchive.org.

Sun Jun 16 14:00:00 2013 jengelhAATTinai.de
- Explicitly list libattr-devel as BuildRequires (and sort those)

Wed Feb 13 13:00:00 2013 wernerAATTsuse.de
- Use %libname macro to be consistent throughout the spec file

Tue Feb 5 13:00:00 2013 p.drouandAATTgmail.com
- Update to version 3.1.1:
+ Fix an issue with the soname versioning in builds of libarchive
using cmake
- Removed patchs; fixed and merged on upstream release:

* libarchive-fix-checks.patch

* libarchive-ppc64.patch
- The soname has changed and pass to 13.

Thu Aug 23 14:00:00 2012 dvaleevAATTsuse.com
- libarchive-ppc64.patch:
fix http://code.google.com/p/libarchive/issues/detail?id=277
test_option_b and test_option_nodump are failing on ppc64

Thu Aug 9 14:00:00 2012 cfarrellAATTsuse.com
- license update: BSD-2-Clause
The COPYING file shows that the package is predominantly BSD-2-Clause
licensed

Tue Aug 7 14:00:00 2012 dimstarAATTopensuse.org
- Update to version 3.0.4:
+ libarchive development moved to http://libarchive.github.com/
- Changes from version 3.0.2:
+ Various fixes merged from FreeBSD
+ Symlink support in Zip reader and writer
+ Robustness fixes to 7Zip reader
- Changes from version 3.0.1b:
+ 7Zip reader
+ Small fixes to ISO and Zip to improve robustness with corrupted
input
+ Improve streaming Zip reader\'s support for uncompressed entries
+ New seeking Zip reader supports SFX Zip archives
+ Build fixes on Windows
- For more changes since 2.8.5, please see NEWS file
- Update URL Tag to represent new home of the project.
- Rename libarchive2 to libarchive12, following upstreams soname
bumps.
- Add libarchive-fix-checks.patch: Fix gcc 4.7 side effects.
- Drop libarchive-test-fuzz.patch: fixed upstream.
- Drop libarchive-ignore-sigpipe-in-test-suite.patch: fixed
upstream.
- Drop libarchive-2.5.5_handle_ENOSYS_from_lutimes.patch: upstream
rejected the patch. Seems to be too theoretical problem.

Mon May 7 14:00:00 2012 wernerAATTsuse.de
- Enforce usage of reentrant versions of libc functions

Mon Feb 13 13:00:00 2012 dvaleevAATTsuse.com
- fix failed tests on ppc

Wed Feb 8 13:00:00 2012 idonmezAATTsuse.com
- Use %makeinstall to be SLES compatible

Thu Dec 22 13:00:00 2011 wernerAATTsuse.de
- For SLES11 work around missing rpm macro

Tue Dec 6 13:00:00 2011 cooloAATTsuse.com
- rename main package to libarchive

Tue Dec 6 13:00:00 2011 cooloAATTsuse.com
- Update to libarchive 2.8.5 (from werner)

* Fix issue 134: Improve handling of open failures

* Fix issue 119: Relax ISO verification

* Fix issue 121: mtree parsing

* Fix extraction of GNU tar \'D\' directory entries

* Be less demanding in LZMA/XZ compression tests

Fri Sep 30 14:00:00 2011 cooloAATTsuse.com
- add baselibs.conf for PackageKit to use

Tue Apr 19 14:00:00 2011 idoenmezAATTnovell.com
- Add suport for xz and xar archives
- Add libarchive-2.8.4-iso9660-data-types.patch:
fix ISO9660 reader data type mismatches

Thu Nov 11 13:00:00 2010 puzelAATTnovell.com
- udpate to libarchive-2.8.4
- see /usr/share/doc/packages/libarchive2/NEWS for changes
- drop libarchive-2.5.5_fix_testsuite.patch (upstream)
- update libarchive-2.5.5_handle_ENOSYS_from_lutimes.patch
- clean up specfile
- disable make check for now

Wed Jan 6 13:00:00 2010 jengelhAATTmedozas.de
- enable parallel building


 
ICM