Author: bodewig
Date: Thu Aug 16 08:10:51 2018
New Revision: 28769
Log:
vote for Commons Compress 1.18 RC1 has passed
Added:
release/commons/compress/binaries/commons-compress-1.18-bin.tar.gz
- copied unchanged from r28768,
dev/commons/compress/binaries/commons-compress-1.18-bin.tar.gz
release/commons/compress/binaries/commons-compress-1.18-bin.tar.gz.asc
- copied unchanged from r28768,
dev/commons/compress/binaries/commons-compress-1.18-bin.tar.gz.asc
release/commons/compress/binaries/commons-compress-1.18-bin.tar.gz.sha256
- copied unchanged from r28768,
dev/commons/compress/binaries/commons-compress-1.18-bin.tar.gz.sha256
release/commons/compress/binaries/commons-compress-1.18-bin.zip
- copied unchanged from r28768,
dev/commons/compress/binaries/commons-compress-1.18-bin.zip
release/commons/compress/binaries/commons-compress-1.18-bin.zip.asc
- copied unchanged from r28768,
dev/commons/compress/binaries/commons-compress-1.18-bin.zip.asc
release/commons/compress/binaries/commons-compress-1.18-bin.zip.sha256
- copied unchanged from r28768,
dev/commons/compress/binaries/commons-compress-1.18-bin.zip.sha256
release/commons/compress/source/commons-compress-1.18-src.tar.gz
- copied unchanged from r28768,
dev/commons/compress/source/commons-compress-1.18-src.tar.gz
release/commons/compress/source/commons-compress-1.18-src.tar.gz.asc
- copied unchanged from r28768,
dev/commons/compress/source/commons-compress-1.18-src.tar.gz.asc
release/commons/compress/source/commons-compress-1.18-src.tar.gz.sha256
- copied unchanged from r28768,
dev/commons/compress/source/commons-compress-1.18-src.tar.gz.sha256
release/commons/compress/source/commons-compress-1.18-src.zip
- copied unchanged from r28768,
dev/commons/compress/source/commons-compress-1.18-src.zip
release/commons/compress/source/commons-compress-1.18-src.zip.asc
- copied unchanged from r28768,
dev/commons/compress/source/commons-compress-1.18-src.zip.asc
release/commons/compress/source/commons-compress-1.18-src.zip.sha256
- copied unchanged from r28768,
dev/commons/compress/source/commons-compress-1.18-src.zip.sha256
Removed:
dev/commons/compress/RELEASE-NOTES.txt
dev/commons/compress/binaries/commons-compress-1.18-bin.tar.gz
dev/commons/compress/binaries/commons-compress-1.18-bin.tar.gz.asc
dev/commons/compress/binaries/commons-compress-1.18-bin.tar.gz.sha256
dev/commons/compress/binaries/commons-compress-1.18-bin.zip
dev/commons/compress/binaries/commons-compress-1.18-bin.zip.asc
dev/commons/compress/binaries/commons-compress-1.18-bin.zip.sha256
dev/commons/compress/source/commons-compress-1.18-src.tar.gz
dev/commons/compress/source/commons-compress-1.18-src.tar.gz.asc
dev/commons/compress/source/commons-compress-1.18-src.tar.gz.sha256
dev/commons/compress/source/commons-compress-1.18-src.zip
dev/commons/compress/source/commons-compress-1.18-src.zip.asc
dev/commons/compress/source/commons-compress-1.18-src.zip.sha256
Modified:
release/commons/compress/README.html
release/commons/compress/RELEASE-NOTES.txt
Modified: release/commons/compress/README.html
==============================================================================
--- release/commons/compress/README.html (original)
+++ release/commons/compress/README.html Thu Aug 16 08:10:51 2018
@@ -1,6 +1,6 @@
-<h1>Commons-Compress 1.17</h1>
+<h1>Commons-Compress 1.18</h1>
-<p>This is the 1.17 release of commons-compress. It is available in both
binary and source distributions.</p>
+<p>This is the 1.18 release of commons-compress. It is available in both
binary and source distributions.</p>
<p><font color="red" size="+2">Note:</font>
The tar files in the distribution use GNU tar extensions
@@ -34,12 +34,12 @@ href="https://www.apache.org/dist/common
<pre>Always test available signatures, <i>e.g.</i>,
$ pgpk -a KEYS
-$ pgpv commons-compress-1.17-bin.tar.gz.asc
+$ pgpv commons-compress-1.18-bin.tar.gz.asc
or,
$ pgp -ka KEYS
-$ pgp commons-compress-1.17-bin.tar.gz.asc
+$ pgp commons-compress-1.18-bin.tar.gz.asc
or,
$ gpg --import KEYS
-$ gpg --verify commons-compress-1.17-bin.tar.gz.asc
+$ gpg --verify commons-compress-1.18-bin.tar.gz.asc
</pre>
<p>
Modified: release/commons/compress/RELEASE-NOTES.txt
==============================================================================
--- release/commons/compress/RELEASE-NOTES.txt (original)
+++ release/commons/compress/RELEASE-NOTES.txt Thu Aug 16 08:10:51 2018
@@ -5,6 +5,44 @@ compression and archive formats. These
lzma, xz, Snappy, traditional Unix Compress, DEFLATE, DEFLATE64, LZ4,
Brotli, Zstandard and ar, cpio, jar, tar, zip, dump, 7z, arj.
+Release 1.18
+------------
+
+New features:
+o It is now possible to specify the arguments of zstd-jni's
+ ZstdOutputStream constructors via Commons Compress as well.
+ Issue: COMPRESS-460.
+ Thanks to Carmi Grushko.
+
+Fixed Bugs:
+o The example Expander class has been vulnerable to a path
+ traversal in the edge case that happens when the target
+ directory has a sibling directory and the name of the target
+ directory is a prefix of the sibling directory's name.
+ Thanks to Didier Loiseau.
+o Changed the OSGi Import-Package to also optionally import
+ javax.crypto so encrypted archives can be read.
+ Issue: COMPRESS-456.
+o Changed various implementations of the close method to better
+ ensure all held resources get closed even if exceptions are
+ thrown during the closing the stream.
+ Issue: COMPRESS-457.
+o ZipArchiveInputStream can now detect the APK Signing Block
+ used in signed Android APK files and treats it as an "end of
+ archive" marker.
+ Issue: COMPRESS-455.
+o The cpio streams didn't handle archives using a multi-byte
+ encoding properly.
+ Issue: COMPRESS-459.
+ Thanks to Jens Reimann.
+o ZipArchiveInputStream#read would silently return -1 on a
+ corrupted stored entry and even return > 0 after hitting the
+ end of the archive.
+ Issue: COMPRESS-463.
+o ArArchiveInputStream#read would allow to read from the stream
+ without opening an entry at all.
+ Issue: COMPRESS-462.
+
Release 1.17
------------
@@ -70,53 +108,53 @@ Release 1.16
New features:
o Add read-only support for Zstandard compression based on the
Zstd-jni project.
- Issue: COMPRESS-423. Thanks to Andre F de Miranda.
+ Issue: COMPRESS-423. Thanks to Andre F de Miranda.
o Added auto-detection for Zstandard compressed streams.
- Issue: COMPRESS-425.
+ Issue: COMPRESS-425.
o Added write-support for Zstandard compression.
- Issue: COMPRESS-426.
+ Issue: COMPRESS-426.
o Added read-only DEFLATE64 support to ZIP archives and as
stand-alone CompressorInputStream.
- Issue: COMPRESS-380. Thanks to Christian Marquez Grabia.
+ Issue: COMPRESS-380. Thanks to Christian Marquez Grabia.
o Added read-only DEFLATE64 support to 7z archives.
- Issue: COMPRESS-437.
+ Issue: COMPRESS-437.
Fixed Bugs:
o Synchronized iteration over a synchronizedList in
ParallelScatterZipCreator.
- Issue: COMPRESS-430. Thanks to Bruno P. Kinoshita.
+ Issue: COMPRESS-430. Thanks to Bruno P. Kinoshita.
o ZipFile could get stuck in an infinite loop when parsing ZIP
archives with certain strong encryption headers.
- Issue: COMPRESS-432.
+ Issue: COMPRESS-432.
o Added improved checks to detect corrupted bzip2 streams and
throw the expected IOException rather than obscure
RuntimeExceptions.
- Issue: COMPRESS-424.
+ Issue: COMPRESS-424.
Changes:
o Replaces instanceof checks with a type marker in LZ77 support code.
- Issue: COMPRESS-435. Thanks to BELUGA BEHR.
+ Issue: COMPRESS-435. Thanks to BELUGA BEHR.
o Updated XZ for Java dependency to 1.8 in order to pick up bug fix
- to LZMA2InputStream's available method.
+ to LZMA2InputStream's available method.
o ZipArchiveEntry now exposes how the name or comment have been
determined when the entry was read.
- Issue: COMPRESS-429. Thanks to Damiano Albani.
+ Issue: COMPRESS-429. Thanks to Damiano Albani.
o ZipFile.getInputStream will now always buffer the stream
internally in order to improve read performance.
- Issue: COMPRESS-438.
+ Issue: COMPRESS-438.
o Speed improvement for DEFLATE64 decompression.
- Issue: COMPRESS-440. Thanks to Dawid Weiss.
+ Issue: COMPRESS-440. Thanks to Dawid Weiss.
o Added a few extra sanity checks for the rarer compression
methods used in ZIP archives.
- Issue: COMPRESS-436.
+ Issue: COMPRESS-436.
o Simplified the special handling for the dummy byte required by
zlib when using java.util.zip.Inflater.
- Issue: COMPRESS-441.
+ Issue: COMPRESS-441.
o Various code cleanups.
- Github Pull Request #61. Thanks to Shahab Kondri.
+ Github Pull Request #61. Thanks to Shahab Kondri.
o TarArchiveEntry's preserveLeadingSlashes constructor argument
has been renamed and can now also be used to preserve the
- drive letter on Windows.
+ drive letter on Windows.
Release 1.15
------------
@@ -323,9 +361,9 @@ o TarArchiveInputStream failed to parse
Changes:
o Update requirement from Java 5 to 6.
- Issue: COMPRESS-349.
+ Issue: COMPRESS-349.
o TarArchiveEntry wastefully allocates empty arrays.
- Issue: COMPRESS-350.
+ Issue: COMPRESS-350.
o Javadoc for BZip2CompressorInputStream(InputStream, boolean) should
refer to IOEx, not NPE.
Issue: COMPRESS-353.
@@ -518,7 +556,7 @@ For complete information on Apache Commo
on how to submit bug reports, patches, or suggestions for improvement,
see the Apache Commons Compress website:
-http://commons.apache.org/compress/
+https://commons.apache.org/compress/
Old Release Notes
=================
@@ -836,7 +874,7 @@ Release 1.4.1
-------------
This is a security bugfix release, see
-http://commons.apache.org/proper/commons-compress/security.html#Fixed_in_Apache_Commons_Compress_1.4.1
+https://commons.apache.org/proper/commons-compress/security.html#Fixed_in_Apache_Commons_Compress_1.4.1
Fixed Bugs:
