en Copyright 2025 Java http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#4b047c3af3fec1607ba1cfe04e1d442a17fc1cf6 libarchive: merge from vendor branchlibarchive 3.8.5Important bugfixes: #2809 bsdtar: fix regression from 3.8.4 zero-length pattern issue bugfixObtained from: libarchiveVendor commit: dd897a78c662a2c7a003e7ec158cea7909557beeMFC after: 1 week List of files: /src/contrib/libarchive/NEWS Mon, 05 Jan 2026 20:14:54 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#c1e033c33e8b290cd40f4069249c879efcbae6a6 libarchive: merge from vendor branchlibarchive 3.8.4Important bugfixes: #2787 bsdtar: Fix zero-length pattern issue #2797 lib: Fix regression introduced in libarchive 3.8.2 when walking enterable but unreadable directoriesObtained from: libarchiveVendor commit: d114ceee6de08a7a60ff1209492ba38bf9436f79MFC after: 1 week List of files: /src/contrib/libarchive/NEWS Mon, 01 Dec 2025 13:05:35 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#007679a138089676aadc9a712277f4004403b905 libarchive: merge from vendor branchlibarchive 3.8.3Important bugfixes: #2753 lib: Create temporary files in the target directory #2768 lha: Fix for an out-of-bounds buffer overrun when using p[H_LEVEL_OFFSET] #2769 7-zip: Fix a buffer overrun when reading truncated 7zip headers #2771 lz4 and zstd: Support both lz4 and zstd data with leading skippable framesObtained from: libarchiveVendor commit: 1368b08875351df8aa268237b882c8f4ceb0882dMFC after: 1 week List of files: /src/contrib/libarchive/NEWS Wed, 19 Nov 2025 13:33:40 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#401026e4825a05abba6f945cf1b74b3328876fa2 libarchive: merge from vendor branchUpdate vendor/libarchive to 3.8.2Important bugfixes: #2477 tar writer: fix replacing a regular file with a dir for ARCHIVE_EXTRACT_SAFE_WRITES #2659 lib: improve filter process handling #2664 zip writer: fix a memory leak if write callback error early #2665 lib: archive_read_data: handle sparse holes at end of file correctly #2668 7zip: Fix out of boundary access #2670 zip writer: fix writing with ZSTD compression #2672 lib: fix error checking in writing files #2678 zstd write filter: enable Zstandard's checksum feature #2679 lib: handle possible errors from system calls #2707 lib: avoid leaking file descriptors into subprocesses #2713 RAR5 reader: fix multiple issues in extra field parsing function #2716 RAR5 reader: early fail when file declares data for a dir entry #2717 bsdtar: Allow filename to have CRLF endings #2719 tar reader: fix checking the result of the strftime (CVE-2025-25724) #2737 tar reader: fix an infinite loop when parsing V headers #2742 lib: parse_date: handle dates in 2038 and beyond if time_t is big enoughObtained from: libarchiveVendor commit: 7f53fce04e4e672230f4eb80b219af17975e4f83Security: CVE-2025-25724PR: 290303 (exp-run)MFC after: 1 week List of files: /src/contrib/libarchive/NEWS Tue, 21 Oct 2025 14:10:15 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#2e113ef82465598b8c26e0ca415fbe90677fbd47 libarchive: merge from vendor branchlibarchive 3.8.1New features: #2088 7-zip reader: improve self-extracting archive detection #2137 zip writer: added XZ, LZMA, ZSTD and BZIP2 support #2403 zip writer: added LZMA + RISCV BCJ filter #2601 bsdtar: support --mtime and --clamp-mtime #2602 libarchive: mbedtls 3.x compatibilitySecurity fixes: #2422 tar reader: Handle truncation in the middle of a GNU long linkname CVE-2024-57970 #2532 tar reader: fix unchecked return value in list_item_verbose() CVE-2025-25724 #2532 unzip: fix null pointer dereference CVE-2025-1632 #2568 warc: prevent signed integer overflow #2584 rar: do not skip past EOF while reading #2588 tar: fix overflow in build_ustar_entry #2598 rar: fix double free with over 4 billion nodes #2599 rar: fix heap-buffer-overflowImportant bugfixes: #2399 7-zip reader: add SPARC filter support for non-LZMA compressors #2405 tar reader: ignore ustar size when pax size is present #2435 tar writer: fix bug when -s/a/b/ used more than once with b flag #2459 7-zip reader: add POWERPC filter support for non-LZMA compressors #2519 libarchive: handle ARCHIVE_FILTER_LZOP in archive_read_append_filter #2539 libarchive: add missing seeker function to archive_read_open_FILE() #2544 gzip: allow setting the original filename for gzip compressed files #2564 libarchive: improve lseek handling #2582 rar: support large headers on 32 bit systems #2587 bsdtar: don't hardlink negative inode files together #2596 rar: support large headers on 32 bit systems #2606 libarchive: support @-prefixed Unix epoch timestamps as date strings #2634 tar: Support negative time values with pax #2637 tar: Keep block alignment after pax error #2642 libarchive: fix FILE_skip regression #2643 tar: Handle extra bytes after sparse entries #2649 compress: Prevent call stack overflow #2651 iso9660: always check archive_string_ensure return valueCVE: CVE-2024-57970, CVE-2025-1632, CVE-2025-25724PR: 286944 (exp-run, 3.8.0)MFC after: 2 weeks List of files: /src/contrib/libarchive/NEWS Sun, 01 Jun 2025 20:16:26 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#bd66c1b43e33540205dbc1187c2f2a15c58b57ba libarchive: merge from vendor branchLibarchive 3.7.7Security fixes: #2158 rpm: calculate huge header sizes correctly #2160 util: fix out of boundary access in mktemp functions #2168 uu: stop processing if lines are too long #2174 lzop: prevent integer overflow #2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696) #2175 unzip: unify EOF handling #2179 rar4: fix out of boundary access with large files #2203 rar4: fix OOB access with unicode filenames #2210 rar4: add boundary checks to rgb filter #2248 rar4: fix OOB in delta filter #2249 rar4: fix OOB in audio filter #2256 fix multiple vulnerabilities identified by SAST #2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing #2265 rar5: clear 'data ready' cache on window buffer reallocs #2269 rar4: fix CVE-2024-26256 (CVE-2024-26256) #2330 iso: be more cautious about parsing ISO-9660 timestamps #2343 tar: clean up linkpath between entries #2364 tar: don't crash on truncated tar archives #2366 gzip: prevent a hang when processing a malformed gzip inside a gzip #2377 tar: fix two leaks in tar header parsingImportant bugfixes: #2096 rar5: report encrypted entries #2150 xar: fix another infinite loop and expat error handling #2173 shar: check strdup return value #2161 lha: fix integer truncation on 32-bit systems #2338 tar: fix memory leaks when processing symlinks or parsing pax headers #2245 7zip: fix issue when skipping first file in 7zip archive that is a multiple of 65536 bytes #2252 7-zip: read/write symlink paths as UTF-8 #2259 rar5: don't try to read rediculously long names #2290 ar: fix archive entries having no type #2360 tar: fix truncation of entry pathnames in specific archivesCVE: CVE-2024-20696, CVE-2024-26256PR: 282047 (exp-run)MFC after: 1 week List of files: /src/contrib/libarchive/NEWS Sun, 20 Oct 2024 08:22:09 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#13d826ff947d9026f98e317e7385b22abfc0eace libarchive: merge from vendor branchLibarchive 3.7.4 + three fixes from masterSecurity fixes: #2135 rar: Fix OOB in rar e8 filter (CVE-2024-26256) #2145 zip: Fix out of boundary access #2148 rar: Fix OOB in rar delta filter #2149 rar: Fix OOB in rar audio filterImportant bugfixes: #2131 7zip: Limit amount of properties #2110 bsdtar: Fix error handling around strtol() usages #2116 passphrase: Never allow empty passwords #2124 rar: Fix "File CRC Error" when extracting specific rar4 archives #2123 xar: Avoid infinite link loop #2150 xar: Fix another infinite loop and expat error handling #2108 zip: Update AppleDouble support for directories #2071 zstd: Implement core detectiongitPR: 278588 (exp-run)MFC after: 1 day List of files: /src/contrib/libarchive/NEWS Mon, 29 Apr 2024 08:15:04 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#b9128a37faafede823eb456aa65a11ac69997284 libarchive: merge from vendor branchLibarchive 3.7.3New features: #1941 uudecode filter: support file name and file mode in raw mode #1943 7-zip reader: translate Windows permissions into UNIX permissions #1962 zstd filter now supports the "long" write option #2012 add trailing letter b to bsdtar(1) substitute pattern #2031 PCRE2 support #2054 add support for long options "--group" and "--owner" to tar(1)Security fixes: #2101 Fix possible vulnerability in tar error reporting introduced in f27c173Important bugfixes: #1974 ISO9660: preserve the natural order of links #2105 rar5: fix infinite loop if during rar5 decompression the last block produced no data #2027 xz filter: fix incorrect eof at the end of an lzip member #2043 zip: fix end-of-data marker processing when decompressing zip archivesPR: 278315 (exp-run)MFC after: 1 week List of files: /src/contrib/libarchive/NEWS Tue, 16 Apr 2024 21:39:31 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#64884e0d4ce7ed57c970e1b34f93e3754c656900 libarchive: merge from vendor branchLibarchive 3.7.1Important changes (relevant to FreeBSD): ISSUE #1934: stack buffer overflow in cpio verbose mode ISSUE #1935: SEGV in cpio verbose mode PR #1731 tar: respect --strip-components and -s patterns in cru modesMFC after: 1 week List of files: /src/contrib/libarchive/NEWS Sat, 29 Jul 2023 20:43:36 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#e64fe029e9d3ce476e77a478318e0c3cd201ff08 libarchive: merge from vendor branchLibarchive 3.7.0Important changes (relevant to FreeBSD): #1814 Do not account for NULL terminator when comparing with "TRAILER!!!" #1818 Add ability to produce multi-frame zstd archives #1840 year 2038 fix for pax archives on platforms with 64-bit time_t #1860 Make single bit bitfields unsigned to avoid clang 16 warning #1869 Fix FreeBSD builds with WARNS=6 #1873 bsdunzip ported to libarchive from FreeBSD #1894 read support for zstd compression in 7zip archives #1918 ARM64 filter support in 7zip archivesMFC after: 2 weeksPR: 272567 (exp-run) List of files: /src/contrib/libarchive/NEWS Mon, 24 Jul 2023 05:42:43 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#bd5e624a861433dee76fe00a8acedc9564425332 libarchive: merge from vendor branchLibarchive 3.6.2Important bug fixes: rar5 reader: fix possible garbled output with bsdtar -O (#1745) mtree reader: support reading mtree files with tabs (#1783) various small fixes for issues found by CodeQLMFC after: 2 weeksPR: 286306 (exp-run) List of files: /src/contrib/libarchive/NEWS Tue, 13 Dec 2022 19:21:13 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#7ec51a3e2b91caaea5c1de1a4c7b362b20d35a62 libarchive: import changes from upstreamLibarchive 3.6.1Bug fixes: PR #1549: archive_digest: check return value of EVP_DigestInit()PR: 263146 (exp-run)MFC after: 1 week List of files: /src/contrib/libarchive/NEWS Tue, 12 Apr 2022 18:12:34 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#833a452e9f082a7982a31c21f0da437dbbe0a39d libarchive: import changes from upstreamLibarchive 3.6.0New features:PR #1614: tar: new option "--no-read-sparse"PR #1503: RAR reader: filter supportPR #1585: RAR5 reader: self-extracting archive supportNew features (not used in FreeBSD base):PR #1567: tar: threads support for zstd (#1567)PR #1518: ZIP reader: zstd decompression supportSecurity Fixes:PR #1491, #1492, #1493, CVE-2021-36976: fix invalid memory access and out of bounds read in RAR5 readerPR #1566, #1618, CVE-2021-31566: extended fix for following symlinks when processing the fixup listOther notable bugfixes and improvements:PR #1620: tar: respect "--ignore-zeros" in c, r and u modesPR #1625: reduced size of application binariesMFC after: 2 weeksRelnotes: yes List of files: /src/contrib/libarchive/NEWS Wed, 09 Feb 2022 23:35:42 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#ddce862ad8594542e1fa1af9ffae7264e12ffd27 libarchive: import changes from upstreamLibarchive 3.5.2New features: PR #1502: Support for PWB and v7 binary cpio formats PR #1509: Support of deflate algorithm in symbolic link decompression for ZIP archivesImportant bugfixes: IS #1044: fix extraction of hardlinks to symlinks PR #1480: Fix truncation of size values during 7zip archive extraction on 32bit architectures PR #1504: fix rar header skiming PR #1514: ZIP excessive disk read - fix location of central directory PR #1520: fix double-free in CAB reader PR #1521: Fixed leak of rar before ending with error PR #1530: Handle short writes from archive_write_callback PR #1532: 7zip: Use compression settings from file also for file header IS #1566: do not follow symlinks when processing the fixup listMFC after: 2 weeksRelnotes: yes List of files: /src/contrib/libarchive/NEWS Mon, 23 Aug 2021 00:54:15 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#69a18c5826c9633a6d77e18f9f34e02c83d22717 contrib/libarchive: Import libarchive 3.5.1Merge commit '8be2bb3d35e232080b4e39244020e650bbe31562' into main List of files: /src/contrib/libarchive/NEWS Sun, 27 Dec 2020 23:34:06 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#c3afd20f1335949db24ba8af348e8706be995059 MFV r368207:Update libarchive to 3.5.0Relevant vendor changes: Issue #1258: add archive_read_support_filter_by_code() PR #1347: mtree digest reader support Issue #1381: skip hardlinks pointing to itself on extraction PR #1387: fix writing of cpio archives with hardlinks without file type PR #1388: fix rdev field in cpio format for device nodes PR #1389: completed support for UTF-8 encoding conversion PR #1405: more formats in archive_read_support_format_by_code() PR #1408: fix uninitialized size in rar5_read_data PR #1409: system extended attribute support PR #1435: support for decompression of symbolic links in zipx archives Issue #1456: memory leak after unsuccessful archive_write_open_filenameMFC after: 1 week List of files: /src/contrib/libarchive/NEWS Tue, 01 Dec 2020 15:53:12 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#de6fa6b43b494faedcf7eeb12cb9164c11b4fd17 MFV r361280:Update libarchive to 3.4.3Relevant vendor changes: PR #1352: support negative zstd compression levels PR #1359: improve zstd version checking PR #1348: support RHT.security.selinux from GNU tar PR #1357: support for archives compressed with pzstd PR #1367: fix issues in acl tests PR #1372: child handling cleanup PR #1378: fix memory leak from passphrase callback List of files: /src/contrib/libarchive/NEWS Wed, 20 May 2020 20:58:48 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#44e86fbdcf5a3e625095652a3d0ab99532e54eea Merge ^/head r357662 through r357854. List of files: /src/contrib/libarchive/NEWS Thu, 13 Feb 2020 12:52:24 +0000 Dimitry Andric <dim@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#f976241773df2260e6170317080761d1c5814fe5 MFV r357783:Update libarchive to 3.4.2Relevant vendor changes: PR #1289: atomic extraction support (bsdtar -x --safe-writes) PR #1308: big endian fix for UTF16 support in LHA reader PR #1326: reject RAR5 files that declare invalid header flags Issue #987: fix support 7z archive entries with Delta filter Issue #1317: fix compression output buffer handling in XAR writer Issue #1319: fix uname or gname longer than 32 characters in pax writer Issue #1325: fix use after free when archiving hardlinks in ISO9660 or XAR Use localtime_r() and gmtime_r() instead of localtime() and gmtime()X-MFC-With: r356212,r356365,r356416MFC after: 1 week List of files: /src/contrib/libarchive/NEWS Wed, 12 Feb 2020 00:16:56 +0000 Martin Matuska <mm@FreeBSD.org> http://opengrok.net:8080/history/src/contrib/libarchive/NEWS#79085fd3b922771b329bc3d218b6d52daab8a9a4 MFV r356163,r356197:Update libarchive to 3.4.1Relevant vendor changes since last update: Issue #351: Refactor and implement private state logic for write filters PR #1252: RAR5 reader - verify window size for solid files (OSS-Fuzz 15482) PR #1255: zip writer - don't append unused NUL for directories PR #1260: Fix sparse file offset overflow on 32-bit systems PR #1263: UNICODE filename support for reading lha/lzh format Issue #1276: Bugfix and optimize archive_wstring_append_from_mbs() PR #1288: Add the "xattrhdr" option to pax write options PR #1295: 7z reader - fix reading archives with digests in PackInfo PR #1296: RAR5 reader - verify window size for multivolume archives PR #1297: ZIP reader - support LZMA_STREAM_END marker in 'lzma alone' files Issue #1298: Fix a heap-buffer-overflow in archive_string_append_from_wcs() OSS-Fuzz 19360, 19362: LHA reader - plug two memory leaks on error Fix possible off-by-one when dealing with readlink(2)MFC after: 2 weeks List of files: /src/contrib/libarchive/NEWS Tue, 31 Dec 2019 00:05:06 +0000 Martin Matuska <mm@FreeBSD.org>