Thanks for catching this, I didn't have that on my radar.
Fix committed to main with 3-day MFC.
Cheers,
mm
On 8. 4. 2022 5:13, Kyle Evans wrote:
On Wed, Feb 9, 2022 at 5:52 PM Martin Matuska <[email protected]> wrote:
The branch main has been updated by mm:
URL:
https://cgit.FreeBSD.org/src/commit/?id=833a452e9f082a7982a31c21f0da437dbbe0a39d
commit 833a452e9f082a7982a31c21f0da437dbbe0a39d
Merge: 17a56f3fabdf 84631082f67b
Author: Martin Matuska <[email protected]>
AuthorDate: 2022-02-09 23:35:42 +0000
Commit: Martin Matuska <[email protected]>
CommitDate: 2022-02-09 23:35:42 +0000
libarchive: import changes from upstream
Libarchive 3.6.0
New features:
PR #1614: tar: new option "--no-read-sparse"
PR #1503: RAR reader: filter support
PR #1585: RAR5 reader: self-extracting archive support
New features (not used in FreeBSD base):
PR #1567: tar: threads support for zstd (#1567)
PR #1518: ZIP reader: zstd decompression support
Security Fixes:
PR #1491, #1492, #1493, CVE-2021-36976:
fix invalid memory access and out of bounds read in RAR5 reader
PR #1566, #1618, CVE-2021-31566:
extended fix for following symlinks when processing the fixup list
Other notable bugfixes and improvements:
PR #1620: tar: respect "--ignore-zeros" in c, r and u modes
PR #1625: reduced size of application binaries
MFC after: 2 weeks
Relnotes: yes
Hi,
This commit makes pkg angry when trying to use zstd support -- I
tracked it down to libarchive wanting to shell out now, because this
conditional changed:
https://cgit.freebsd.org/src/tree/contrib/libarchive/libarchive/archive_write_add_filter_zstd.c#n112
We should probably make pkg accept ARCHIVE_WARN since shelling out
isn't so bad, but I have this diff to fix base libarchive:
https://people.freebsd.org/~kevans/libarchive.diff
I didn't quite check if there were any other surprises like this,
though. Is this sufficient and OK to commit?
Thanks,
Kyle Evans
