Update libarchive to 3.4.2
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libarchive (Debian) |
Fix Released
|
Unknown
|
|||
libarchive (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned | ||
Focal |
Triaged
|
Wishlist
|
Unassigned |
Bug Description
Please update libarchive to 3.4.2, also fixes LP: #1814109.
The bug and security fixes outweighs the new features added in 3.4.1 and 3.4.2.
https:/
Libarchive 3.4.2 is a feature and security release.
New features:
support for atomic file extraction (bsdtar -x --safe-writes) (#1289)
support for mbed TLS (PolarSSL) (#1301)
Important bugfixes:
security fixes in RAR5 reader (#1280 #1326)
compression buffer fix in XAR writer (#1317)
fix uname and gname longer than 32 characters in PAX writer (#1319)
fix segfault when archiving hard links in ISO9660 and XAR writers (#1325)
fix support for extracting 7z archive entries with Delta filter (fixes LP: #1814109) (#987)
Libarchive 3.4.1 is a feature and security release.
New features:
Unicode filename support for reading lha/lzh archives
New pax write option "xattrhdr"
Important bugfixes:
security fixes in wide string processing (#1276 #1298)
security fixes in RAR5 reader (#1212 #1217 #1296)
security fixes and optimizations to write filter logic (#351)
security fix related to use of readlink(2) (1dae5a5)
sparse file handling fixes (#1218 #1260)
description: | updated |
information type: | Public → Public Security |
Changed in libarchive (Debian): | |
status: | Unknown → New |
Changed in libarchive (Debian): | |
status: | New → Fix Released |
Thank, when request a version update afer feature freeze please state why you think that update should be done despite the freeze
Note that it has been reported to Debian also and is being worked there but non trivial, see https:/ /bugs.debian. org/cgi- bin/bugreport. cgi?bug= 953553