From patchwork Wed Aug 24 07:50:34 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Adolf Belka <adolf.belka@ipfire.org>
X-Patchwork-Id: 5980
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-384)
	 client-signature ECDSA (P-384))
	(Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
	by web04.haj.ipfire.org (Postfix) with ESMTPS id 4MCJDb23R3z3wdF
	for <patchwork@web04.haj.ipfire.org>; Wed, 24 Aug 2022 07:50:39 +0000 (UTC)
Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-384)
	 client-signature ECDSA (P-384))
	(Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK))
	by mail01.ipfire.org (Postfix) with ESMTPS id 4MCJDZ3nxYz1ZX;
	Wed, 24 Aug 2022 07:50:38 +0000 (UTC)
Received: from mail02.haj.ipfire.org (localhost [127.0.0.1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4MCJDZ4411z2yS1;
	Wed, 24 Aug 2022 07:50:38 +0000 (UTC)
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-384)
 client-signature ECDSA (P-384))
 (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
 by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4MCJDY1wgbz2xQp
 for <development@lists.ipfire.org>; Wed, 24 Aug 2022 07:50:37 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384)
 (No client certificate requested)
 by mail01.ipfire.org (Postfix) with ESMTPSA id 4MCJDY0BhKz1Qr;
 Wed, 24 Aug 2022 07:50:37 +0000 (UTC)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003ed25519; t=1661327437;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding;
 bh=vMlP8OSZA693tcMA1LeDtdtG/iO2l6QzVyEI3yeUhDo=;
 b=G3p9Quize4DvOe3ijYVHsFOyODmye3iMGFnVy5Ik8jU9BAS+YCV2vOGPAsXIKD6lor1LQW
 CluGRInV5UfdDLAw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003rsa;
 t=1661327437;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding;
 bh=vMlP8OSZA693tcMA1LeDtdtG/iO2l6QzVyEI3yeUhDo=;
 b=nFk5HeT+01Yo5q2IKDvx13FYCiTgdMj7K4um5lPIp2bRZTvqpZ/KO0goRjP735MvXTBgGG
 7Ca4w42AWSrWDuMS6OrWAvct04Oks2xwJd9p0snhCz2vP7Q3OaZzI3M5eTIZnVxF1BFieV
 bLNQFQ+5gXYG89a4H+sJSFEajK0Qup2UcYx5Rf0DTnGvk3XcnjO5G21IaJxozetur2L9ha
 TOUKqzA3vX1KiLlP8Aj8z9kJHi1n8qbcHqKMSFQmKwf2Lvnui+Hx3xnckoVmd8lSS4ZEzh
 hreKRYv31G/PRb6eQstCNRf5/cwSqQ9T3ZvV21MC502bFu23JWti9RiEXss6yQ==
From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] libarchive: Update to version 3.6.1
Date: Wed, 24 Aug 2022 09:50:34 +0200
Message-Id: <20220824075034.2978-1-adolf.belka@ipfire.org>
MIME-Version: 1.0
X-BeenThere: development@lists.ipfire.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>,
 <mailto:development-request@lists.ipfire.org?subject=unsubscribe>
List-Archive: <http://lists.ipfire.org/pipermail/development/>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>,
 <mailto:development-request@lists.ipfire.org?subject=subscribe>
Errors-To: development-bounces@lists.ipfire.org
Sender: "Development" <development-bounces@lists.ipfire.org>

- Update from version 3.6.0 to 3.6.1
- Update of rootfile
- Changelog
	Libarchive 3.6.1 is a bugfix and security release.
	  Security fixes:
	    7zip reader: fix PPMD read beyond boundary (#1671)
	    ZIP reader: fix possible out of bounds read (OSS-Fuzz 38766 #1672)
	    ISO reader: fix possible heap buffer overflow in read_children() (OSS-Fuzz 38764, #1685)
	    RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in libarchive 3.6.0)
	        fix heap use after free in archive_read_format_rar_read_data() (OSS-Fuzz 44547, 52efa50)
	        fix null dereference in read_data_compressed() (OSS-Fuzz 44843, 1271f77)
	        fix heap user after free in run_filters() (OSS-Fuzz 46279, #1715)

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
---
 config/rootfiles/common/libarchive | 2 +-
 lfs/libarchive                     | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/config/rootfiles/common/libarchive b/config/rootfiles/common/libarchive
index c939d74f4..d6860041b 100644
--- a/config/rootfiles/common/libarchive
+++ b/config/rootfiles/common/libarchive
@@ -6,7 +6,7 @@
 #usr/lib/libarchive.la
 #usr/lib/libarchive.so
 usr/lib/libarchive.so.13
-usr/lib/libarchive.so.13.6.0
+usr/lib/libarchive.so.13.6.1
 #usr/lib/pkgconfig/libarchive.pc
 #usr/share/man/man1/bsdcat.1
 #usr/share/man/man1/bsdcpio.1
diff --git a/lfs/libarchive b/lfs/libarchive
index 42040b6db..46074341a 100644
--- a/lfs/libarchive
+++ b/lfs/libarchive
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 3.6.0
+VER        = 3.6.1
 
 THISAPP    = libarchive-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -41,7 +41,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = e62bb0fccff23f752912de4ca6b8fd5dce6feb0e5f5d59b975d8e6fc9b3153500d6f622b4ea8c4541f0d574e7d8aa5f6903acc0c32b4e47a16f7e1b92ea952e9
+$(DL_FILE)_BLAKE2 = e7b79e97545dabeac164069e87adbd2081d3bd75c22f80b3797c6e487a477b3f6347b6fc14c76668eb69f2f2e5dcdd5a33a694e0a292ce426b8d0d93435218cf
 
 install : $(TARGET)