Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libarchive for openSUSE:Factory checked in at 2025-12-17 17:31:51 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libarchive (Old) and /work/SRC/openSUSE:Factory/.libarchive.new.1939 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libarchive" Wed Dec 17 17:31:51 2025 rev:61 rq:1323012 version:3.8.4 Changes: -------- --- /work/SRC/openSUSE:Factory/libarchive/libarchive.changes 2025-12-04 11:26:26.574420854 +0100 +++ /work/SRC/openSUSE:Factory/.libarchive.new.1939/libarchive.changes 2025-12-17 17:35:21.697110123 +0100 @@ -1,0 +2,9 @@ +Tue Dec 9 09:17:20 UTC 2025 - Andreas Stieger <[email protected]> + +- Update to 3.8.4: + * bsdtar: Fix zero-length pattern issue + * lib: Fix regression introduced in libarchive 3.8.2 when walking + enterable but unreadable directories +- add libarchive-3.8.4-tar-fix-tests.patch to fix tests + +------------------------------------------------------------------- Old: ---- libarchive-3.8.3.tar.xz libarchive-3.8.3.tar.xz.asc New: ---- libarchive-3.8.4-tar-fix-tests.patch libarchive-3.8.4.tar.xz libarchive-3.8.4.tar.xz.asc ----------(New B)---------- New: enterable but unreadable directories - add libarchive-3.8.4-tar-fix-tests.patch to fix tests ----------(New E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libarchive.spec ++++++ --- /var/tmp/diff_new_pack.sn3Rd5/_old 2025-12-17 17:35:22.701152319 +0100 +++ /var/tmp/diff_new_pack.sn3Rd5/_new 2025-12-17 17:35:22.705152487 +0100 @@ -20,7 +20,7 @@ %define somajor 13 %define libname libarchive%{somajor} Name: libarchive -Version: 3.8.3 +Version: 3.8.4 Release: 0 Summary: Utility and C library to create and read several streaming archive formats License: BSD-2-Clause @@ -30,6 +30,9 @@ Source1: https://github.com/libarchive/libarchive/releases/download/v%{version}/libarchive-%{version}.tar.xz.asc Source2: libarchive.keyring Source1000: baselibs.conf +# https://github.com/libarchive/libarchive/issues/2804 +# https://github.com/libarchive/libarchive/pull/2809 +Patch0: libarchive-3.8.4-tar-fix-tests.patch BuildRequires: cmake BuildRequires: ninja BuildRequires: pkgconfig ++++++ libarchive-3.8.4-tar-fix-tests.patch ++++++ >From 400598a59e2158deb7fe7d976db0c4b8e4becc0a Mon Sep 17 00:00:00 2001 From: Martin Matuska <[email protected]> Date: Mon, 8 Dec 2025 21:40:46 +0100 Subject: [PATCH] tar: fix off-bounds read resulting from #2787 (3150539ed) --- tar/subst.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tar/subst.c b/tar/subst.c index a466f6535..fff9a45c8 100644 --- a/tar/subst.c +++ b/tar/subst.c @@ -237,7 +237,7 @@ apply_substitution(struct bsdtar *bsdtar, const char *name, char **result, char isEnd = 0; do { - isEnd = *name == '\0'; + isEnd = *name == '\0'; if (regexec(&rule->re, name, 10, matches, 0)) break; @@ -293,13 +293,13 @@ apply_substitution(struct bsdtar *bsdtar, const char *name, char **result, realloc_strcat(result, rule->result + j); if (matches[0].rm_eo > 0) { - name += matches[0].rm_eo; - } else { - // We skip a character because the match is 0-length - // so we need to add it to the output - realloc_strncat(result, name, 1); - name += 1; - } + name += matches[0].rm_eo; + } else if (!isEnd) { + // We skip a character because the match is 0-length + // so we need to add it to the output + realloc_strncat(result, name, 1); + name += 1; + } } while (rule->global && !isEnd); // Testing one step after because sed et al. run 0-length patterns a last time on the empty string at the end } ++++++ libarchive-3.8.3.tar.xz -> libarchive-3.8.4.tar.xz ++++++ ++++ 4189 lines of diff (skipped)
