Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libarchive for openSUSE:Factory checked in at 2022-03-05 14:43:48 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libarchive (Old) and /work/SRC/openSUSE:Factory/.libarchive.new.1958 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libarchive" Sat Mar 5 14:43:48 2022 rev:45 rq:958752 version:3.6.0 Changes: -------- --- /work/SRC/openSUSE:Factory/libarchive/libarchive.changes 2021-12-02 02:16:08.366500700 +0100 +++ /work/SRC/openSUSE:Factory/.libarchive.new.1958/libarchive.changes 2022-03-05 14:44:27.843716771 +0100 @@ -1,0 +2,15 @@ +Thu Feb 24 19:18:32 UTC 2022 - Ferdinand Thiessen <[email protected]> + +- Update to 3.6.0 + * Fix use-after-free bug (CVE-2021-36976) + * tar: new option "--no-read-sparse" + * tar: threads support for zstd + * RAR reader: filter support + * RAR5 reader: self-extracting archive support + * ZIP reader: zstd decompression support + * tar: respect "--ignore-zeros" in c, r and u modes + * reduced size of application binaries + * internal code optimizations +- Drop upstream merged fix-following-symlinks.patch + +------------------------------------------------------------------- @@ -5,0 +21 @@ + CVE-2021-31566 Old: ---- fix-following-symlinks.patch libarchive-3.5.2.tar.xz libarchive-3.5.2.tar.xz.asc New: ---- libarchive-3.6.0.tar.xz libarchive-3.6.0.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libarchive.spec ++++++ --- /var/tmp/diff_new_pack.NZ7OHZ/_old 2022-03-05 14:44:28.391716909 +0100 +++ /var/tmp/diff_new_pack.NZ7OHZ/_new 2022-03-05 14:44:28.395716910 +0100 @@ -1,7 +1,7 @@ # # spec file for package libarchive # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -30,7 +30,7 @@ %bcond_without ext2fs %endif Name: libarchive -Version: 3.5.2 +Version: 3.6.0 Release: 0 Summary: Utility and C library to create and read several different streaming archive formats License: BSD-2-Clause @@ -42,8 +42,6 @@ Source1000: baselibs.conf Patch1: lib-suffix.patch Patch2: fix-soversion.patch -# PATCH-FIX-UPSTREAM -Patch3: fix-following-symlinks.patch BuildRequires: cmake BuildRequires: libacl-devel BuildRequires: libbz2-devel ++++++ libarchive-3.5.2.tar.xz -> libarchive-3.6.0.tar.xz ++++++ /work/SRC/openSUSE:Factory/libarchive/libarchive-3.5.2.tar.xz /work/SRC/openSUSE:Factory/.libarchive.new.1958/libarchive-3.6.0.tar.xz differ: char 25, line 1
