Rebase to version 3.7.7
This version fixes all of the SAST reported issues Resolves: RHEL-39391 RHEL-67895
This commit is contained in:
Lukas Javorsky
parent
846e6843e7
commit
827200bcd7
@ -1,8 +1,8 @@
|
||||
%bcond_without check
|
||||
|
||||
Name: libarchive
|
||||
Version: 3.7.2
|
||||
Release: 9%{?dist}
|
||||
Version: 3.7.7
|
||||
Release: 1%{?dist}
|
||||
Summary: A library for handling streaming archive formats
|
||||
|
||||
# Licenses:
|
||||
@ -44,25 +44,6 @@ BuildRequires: make
|
||||
# support explicitly.
|
||||
Patch0001: 0001-Drop-rmd160-from-OpenSSL.patch
|
||||
|
||||
# Upstream patch: https://github.com/libarchive/libarchive/commit/3bd918d92f8c34ba12de9c6604d96f9e262a59fc
|
||||
# Fixes the broken 32-bit builds (i686 arch) due to "Allocation error : not enough memory"
|
||||
Patch0002: 0002-tests-fix-zstd-long-option-test-for-32-bit-architect.patch
|
||||
|
||||
# Upstream patch: https://github.com/libarchive/libarchive/commit/eb7939b24a681a04648a59cdebd386b1e9dc9237
|
||||
# Fixes Heap based buffer overflow in rar e8 filter (CVE-2024-26256)
|
||||
Patch0003: 0003-fix-OOB-in-rar-e8-filter.patch
|
||||
|
||||
# Upstream patch: https://github.com/libarchive/libarchive/commit/eac15e252010c1189a5c0f461364dbe2cd2a68b1
|
||||
# Fixes CVE-2024-20696
|
||||
Patch0004: 0004-rar4-reader-protect-copy_from_lzss_window_to_unp-217.patch
|
||||
|
||||
# Upstream patches:
|
||||
# https://github.com/libarchive/libarchive/commit/3006bc5d02ad3ae3c4f9274f60c1f9d2d834734b
|
||||
# https://github.com/libarchive/libarchive/commit/a1cb648d52f5b6d3f31184d9b6a7cbca628459b7
|
||||
# Fixes CVE-2024-48957
|
||||
Patch0005: 0005-fix-OOB-in-rar-audio-filter-2149.patch
|
||||
Patch0006: 0006-fix-OOB-in-rar-delta-filter-2148.patch
|
||||
|
||||
%description
|
||||
Libarchive is a programming library that can create and read several different
|
||||
streaming archive formats, including most popular tar variants, several cpio
|
||||
@ -260,6 +241,11 @@ run_testsuite
|
||||
|
||||
|
||||
%changelog
|
||||
* Mon Nov 18 2024 Lukas Javorsky <ljavorsk@redhat.com> - 3.7.7-1
|
||||
- Rebase to version 3.7.7
|
||||
- Fixing SAST issues, accepted by upstream
|
||||
- Resolves: RHEL-39391 RHEL-67895
|
||||
|
||||
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 3.7.2-9
|
||||
- Bump release for October 2024 mass rebuild:
|
||||
Resolves: RHEL-64018
|
||||
|
||||
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (libarchive-3.7.2.tar.gz) = 1af253203df3014d1fbf3e99ebdc7aa2a3f036c7c2606d0f0550c49973b0fff99ee7262f4a6e20090c0806c40e964731334360daa3b718bde40108183eacc8a1
|
||||
SHA512 (libarchive-3.7.7.tar.gz) = cce6eecfcd33d228bd1b1162a90bad63750adb53ac4edcaed34e2fdc30b6ba211cf1fd25d4b8761373949ceec266478b09bd70ffa4e374803a29e8573d6d149e
|
||||
|
||||
Loading…
Reference in New Issue
Block a user