Changelog for libarchive-devel-3.x.x+git.20241007T085117~a65f765-40.2.x86_64.rpm :

* Tue Oct 08 2024 obs-service-tar-scmAATTinvalid- Update to version 3.x.x+git.20241007T085117~a65f765:
* bsdcpio should exit with an error code if an entry can\'t be extracted (#2371)
* Add absolute path test for bsdtar (#2370)
* Simplify tests added in #2363, use testworkdir (#2369)
* Fix pathname overwrite in header_old_tar() (#2360)
* Miscellaneous code cleanup (#2285)
* Fix ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS on windows (#2363)
* Reenable CI tests for MSVC (#2356)
* Remove two unnecessary strings from the tar state (#2345)
* Clean up linkpath between entries (#2343)
* tar/write.h: Support `sys/xattr.h` (#2335)
* Mon Jul 24 2023 Bernhard Wiedemann - update to 3.7.0
* bsdunzip port from FreeBSD
* fix 2 year 2038 issues
* Fri Dec 23 2022 Dirk Müller - update to 3.6.2 (bsc#1205629, CVE-2022-36227)
* NULL pointer dereference vulnerability in archive_write.c
* include ZSTD in Windows builds (#1688)
* SSL fixes on Windows (#1714, #1723, #1724)
* rar5 reader: fix possible garbled output with bsdtar -O (#1745)
* mtree reader: support reading mtree files with tabs (#1783)
* various small fixes for issues found by CodeQL
* Fri Apr 08 2022 Dirk Müller - update to 3.6.1:
* 7zip reader: fix PPMD read beyond boundary (#1671)
* ZIP reader: fix possible out of bounds read (OSS-Fuzz 38766 #1672)
* ISO reader: fix possible heap buffer overflow in read_children() (OSS-Fuzz 38764, #1685)
* RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in libarchive 3.6.0)
* fix heap use after free in archive_read_format_rar_read_data() (OSS-Fuzz 44547, 52efa50)
* fix null dereference in read_data_compressed() (OSS-Fuzz 44843, 1271f77)
* fix heap user after free in run_filters() (OSS-Fuzz 46279, #1715)
* Thu Feb 24 2022 Ferdinand Thiessen - Update to 3.6.0
* Fix use-after-free bug (CVE-2021-36976)
* tar: new option \"--no-read-sparse\"
* tar: threads support for zstd
* RAR reader: filter support
* RAR5 reader: self-extracting archive support
* ZIP reader: zstd decompression support
* tar: respect \"--ignore-zeros\" in c, r and u modes
* reduced size of application binaries
* internal code optimizations- Drop upstream merged fix-following-symlinks.patch
* Mon Nov 29 2021 Adrian Schröter - fix permission settings on following symlinks (fix-following-symlinks.patch) this fixes also wrong permissions of /var/tmp in factory systems CVE-2021-31566
* Sun Nov 07 2021 Andreas Stieger - update to 3.5.2:
* CPIO: Support for PWB and v7 binary cpio formats
* ZIP reader: Support of deflate algorithm in symbolic link decompression
* security: fix handling of symbolic link ACLs on Linux (boo#1192425)
* security: never follow symlinks when setting file flags on Linux (boo#1192426)
* security: do not follow symlinks when processing the fixup list (boo#1192427)
* fix extraction of hardlinks to symlinks
* 7zip reader and writer fixes
* RAR reader fixes
* ZIP reader: fix excessive read for padded zip
* CAB reader: fix double free
* handle short writes from archive_write_callback
* Wed Jan 06 2021 Dirk Müller - update to 3.5.1:
* various compilation fixes (#1461, #1462, #1463, #1464)
* fixed undefined behavior in a function in warc reader (#1465)
* Tue Dec 01 2020 Ismail Dönmez - Update to version 3.5.0 New features:
* mtree digest reader support (#1347)
* completed support for UTF-8 encoding conversion (#1389)
* minor API enhancements (#1258, #1405)
* support for system extended attributes (#1409)
* support for decompression of symbolic links in zipx archives (#1435) Important bugfixes
* fixed extraction of archives with hard links pointing to itself (#1381)
* cpio fixes (#1387, #1388)
* fixed uninitialized size in rar5_read_data (#1408)
* fixed memory leaks in error case of archive_write_open() functions (#1456)- Drop libarchive-3.4.3-fix_test_write_disk_secure.patch, fixed upstream.
* Mon Sep 07 2020 Andreas Stieger - fix build with binutils submitted to Factory, adding upstream libarchive-3.4.3-fix_test_write_disk_secure.patch