Mirror of packages feed https://git.openwrt.org/feed/packages/atom?h=master 2025-06-10T19:41:35Z 2025-06-10T19:41:35Z Robert Marko 2025-06-10T17:22:12Z urn:sha1:af419864e305ca30758a9dd84560a62f7bf0ab28 libarchive changed the pkgconfig install logic in 3.8.1, so that it now installs the pkgconfig file in ${CMAKE_INSTALL_LIBDIR}/pkgconfig instead of the previous lib/pkgconfig. While this is a bug[1] in libarchive as this was unintended change, until that is fixed upstream lets pass -DCMAKE_INSTALL_LIBDIR=lib to restore previous behaviour in order for InstallDev step to install the .pc file so other packages can find libarchive and link against it. [1] https://github.com/libarchive/libarchive/issues/2667 Fixes: d77931df5db6 ("libarchive: bump to 3.8.1") Signed-off-by: Robert Marko <robimarko@gmail.com> 2025-06-07T09:57:04Z John Audia 2025-06-06T23:31:54Z urn:sha1:d77931df5db6bdc871a894799b5fa72e842db8ef This is a feaure and bugfix release. New features: bsdtar: support --mtime and --clamp-mtime (#2601) lib: mbedtls 3.x compatibility (#2602) 7-zip reader: improve self-extracting archive detection (#2088) xar: xmllite support for the XAR reader and writer (#2388) zip writer: added XZ, LZMA, ZSTD and BZIP2 support (#2137, #2284, #2391) zip writer: added LZMA + RISCV BCJ filter (#2403) Notable security fixes: rar: do not skip past EOF while reading (#2584) rar: fix double free with over 4 billion nodes (#2598) rar: fix heap-buffer-overflow (#2599) warc: prevent signed integer overflow (#2568) tar: fix overflow in build_ustar_entry (#2588) Notable bugfixes: ibarchive: fix FILE_skip regression (#2642) compress: Prevent call stack overflow (#2649) iso9660: always check archive_string_ensure return value (#2651) tar: Support negative time values with pax (#2634) tar: Reset accumulated header state after reading macOS metadata blob (#2636) tar: Keep block alignment after pax error (#2637) tar: Handle extra bytes after sparse entries (#2643) windows: check archive_wstring_ensure return value (#2652) bsdtar: don't hardlink negative inode files together (#2587) gz: allow setting the original filename for gzip compressed files (#2544) lib: improve lseek handling (#2564) lib: support @-prefixed Unix epoch timestamps as date strings (#2606) rar: support large headers on 32 bit systems (#2596) tar reader: Improve LFS support on 32 bit systems (#2582) Full changelog: https://github.com/libarchive/libarchive/compare/v3.7.9...v3.8.1 Build system: x86/64 Build-tested: x86/64 Run-tested: x86/64 Signed-off-by: John Audia <therealgraysky@proton.me> 2025-04-14T08:41:40Z Petr Štetiar 2025-04-14T04:20:36Z urn:sha1:4803944c5a8e583bb21d643d004da96fbce7c89d Libarchive 3.7.9 is a bugfix release, fixing a regression in libarchive 3.7.8 regarding GNU sparse entries was fixed. Libarchive 3.7.8 is a bugfix and security release: Security fixes: * tar reader: Handle truncation in the middle of a GNU long linkname (CVE-2024-57970) * unzip: fix null pointer dereference (CVE-2025-1632) * tar reader: fix unchecked return value in list_item_verbose() (CVE-2025-25724) Important bugfixes: * 7zip reader: add SPARC and POWERPC filter support for non-LZMA compressors * tar reader: Ignore ustar size when pax size is present * tar writer: Fix bug when -s/a/b/ used more than once with b flag * cpio: Fix a Y2038 bug on Windows * libarchive: Handle ARCHIVE_FILTER_LZOP in archive_read_append_filter * libarchive: Adding missing seeker function to archive_read_open_FILE() Full Changelog: https://github.com/libarchive/libarchive/compare/v3.7.7...v3.7.8 Signed-off-by: Petr Štetiar <ynezz@true.cz> 2025-04-13T08:43:29Z Matthias Franck 2025-03-17T09:08:10Z urn:sha1:39b1179bd663ca7d1a486df0372ed5d508156e22 libarchive fixed a lot of security issues in the last few releases, listing only notable changes, libarchive 3.7.5: * rar4: protect copy_from_lzss_window_to_unp() CVE-2024-20696 * rar4: fix CVE-2024-26256 libarchive 3.7.6: * this release fixes a tar regression introduced in libarchive 3.7.5 libarchive 3.7.7: * gzip: prevent a hang when processing a malformed gzip inside a gzip (OSS-Fuzz) * tar: don't crash on truncated tar archives (OSS-Fuzz) * tar: fix two leaks in tar header parsing Link: https://github.com/libarchive/libarchive/releases Signed-off-by: Matthias Franck <matthias.franck@softathome.com> 2024-09-17T12:18:11Z Matthias FRANCK 2024-08-26T19:54:23Z urn:sha1:9cd39fbf89c51e83e9239ca0331a72c012a615e8 Looks like libarchive v3.7.3 adds support for pcre2 (https://github.com/libarchive/libarchive/commit/d1231a7ea7df4db6ddba73f06df67dbab0174a5c). Because of this, the following build error is observed (in the case pcre2 is compiled before libarchive): Package libarchive is missing dependencies for the following libraries: libpcre2-8.so.0 libpcre2-posix.so.3 So let's disable linking with pcre2, just like linking with pcre was disabled before. Signed-off-by: Matthias FRANCK <matthias.franck@softathome.com> 2024-06-02T00:28:51Z krant 2024-06-01T23:05:38Z urn:sha1:c87b846cacadf30db10b837dbee7b9dbbd3fffc4 Signed-off-by: krant <aleksey.vasilenko@gmail.com> 2024-04-10T23:13:35Z krant 2024-04-10T12:36:47Z urn:sha1:8d4b72c53bff0d5294344a08f8515292458c6c89 Signed-off-by: krant <aleksey.vasilenko@gmail.com> 2024-02-07T21:52:21Z krant 2024-02-06T17:00:59Z urn:sha1:935e6e0160fae00e97118b626c9f76318727163e - Don't set CMake options matching the defaults Signed-off-by: krant <aleksey.vasilenko@gmail.com> 2022-12-23T18:25:32Z Michal Vasilek 2022-12-22T12:05:51Z urn:sha1:256f8f76a6c01d9b51dadc278fdf7c9c13165bab Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz> 2022-12-23T18:25:32Z Michal Vasilek 2022-12-22T11:12:36Z urn:sha1:85aed680be05e8b9d6f22df793f68079154cdf00 * fixes CVE-2022-36227 * drop upstreamed patch * removed deprecated AUTORELEASE Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>