CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

MFV r302003,r302037,r302038,r302056:

Update libarchive to 3.2.1 (bugfix and security fix release)

List of vendor fixes:
- fix exploitable heap overflow vulnerability in Rar decompression
  (vendor issue 719, CVE-2016-4302, TALOS-2016-0154)
- fix exploitable stack based buffer overflow vulnebarility in mtree
  parse_device functionality (vendor PR 715, CVE-2016-4301, TALOS-2016-0153)
- fix exploitable heap overflow vulnerability in 7-zip read_SubStreamsInfo
  (vendor issue 718, CVE-2016-4300, TALOS-2016-152)
- fix integer overflow when computing location of volume descriptor
  (vendor issue 717)
- fix buffer overflow when reading a crafred rar archive (vendor issue 521)
- fix possible buffer overflow when reading ISO9660 archives on machines
  where sizeof(int) < sizeof(size_t) (vendor issue 711)
- tar and cpio should fail if an input file named on the command line is
  missing (vendor issue 708)
- fix incorrect writing of gnutar filenames that are exactly 512 bytes
  long (vendor issue 682)
- allow tests to be run from paths that are equal or longer than 128
  characters (vendor issue 657)
- add memory allocation errors in archive_entry_xattr.c (vendor PR 603)
- remove dead code in archive_entry_xattr_add_entry() (vendor PR 716)
- fix broken decryption of ZIP files (vendor issue 553)
- manpage style, typo and description fixes

Post-3.2.1 vendor fixes:
- fix typo in cpio version reporting (Vendor PR 725, 726)
- fix argument range of ctype functions in libarchive_fe/passphrase.c
- fix ctype use and avoid empty loop bodies in WARC reader

MFC after: 1 week
Security: CVE-2016-4300, CVE-2016-4301, CVE-2016-4302
Approved by: re (kib)

author	mm <mm@FreeBSD.org>
	Wed, 22 Jun 2016 07:49:59 +0000 (07:49 +0000)
committer	mm <mm@FreeBSD.org>
	Wed, 22 Jun 2016 07:49:59 +0000 (07:49 +0000)
commit	fbcd396bf91e65ca18764a3a6e2ffe0d757083be
tree	3f7339ab05554a05eac1366e0b16884c88a99aa0	tree \| snapshot
parent	a6270457f86ae61d2ff0ce1094ecd76432a0b6ce	commit \| diff
parent	6eb933941675bf7318416a0f4c398aef7715a906	commit \| diff
parent	476ebe3707afa4e701b14e4f1c987ada33d027c7	commit \| diff

contrib/libarchive/NEWS	diff1 \|	\|	diff3 \|	blob \| history
contrib/libarchive/cat/test/main.c	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/cpio/cpio.c	diff1 \|	\|	\|	blob \| history
contrib/libarchive/cpio/test/main.c	diff1 \|	\|	\|	blob \| history
contrib/libarchive/cpio/test/test_missing_file.c	\|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/cpio/test/test_option_version.c	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/archive.h	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/archive_entry.h	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/archive_entry_xattr.c	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/archive_ppmd7.c	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/archive_read_support_format_7zip.c	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/archive_read_support_format_iso9660.c	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/archive_read_support_format_lha.c	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/archive_read_support_format_mtree.c	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/archive_read_support_format_rar.c	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/archive_read_support_format_warc.c	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/archive_read_support_format_zip.c	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/archive_write_filter.3	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/archive_write_set_format_gnutar.c	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/archive_write_set_format_iso9660.c	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/archive_write_set_options.3	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/libarchive-formats.5	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/libarchive_changes.3	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive/test/main.c	diff1 \|	\|	\|	blob \| history
contrib/libarchive/libarchive/test/test_read_format_rar_invalid1.c	\|	\|	diff3 \|	blob \| history
contrib/libarchive/libarchive/test/test_read_format_rar_invalid1.rar.uu	\|	\|	diff3 \|	blob \| history
contrib/libarchive/libarchive/test/test_write_format_gnutar_filenames.c	\|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/libarchive_fe/passphrase.c	diff1 \|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/tar/test/main.c	diff1 \|	\|	\|	blob \| history
contrib/libarchive/tar/test/test_missing_file.c	\|	diff2 \|	diff3 \|	blob \| history
contrib/libarchive/tar/write.c	diff1 \|	\|	\|	blob \| history
lib/libarchive/tests/Makefile	diff1 \|	\|	\|	blob \| history
usr.bin/bsdcat/Makefile	diff1 \|	\|	\|	blob \| history
usr.bin/cpio/Makefile	diff1 \|	\|	\|	blob \| history
usr.bin/cpio/tests/Makefile	diff1 \|	\|	\|	blob \| history
usr.bin/tar/Makefile	diff1 \|	\|	\|	blob \| history
usr.bin/tar/tests/Makefile	diff1 \|	\|	\|	blob \| history