diff options
author | mm <mm@FreeBSD.org> | 2016-06-30 12:44:15 +0000 |
---|---|---|
committer | mm <mm@FreeBSD.org> | 2016-06-30 12:44:15 +0000 |
commit | 13295f52fb5936b237a994e75311fe18612c73c4 (patch) | |
tree | 2e5d2542532b32df0f9327ddb3a4e866cf594b32 /lib | |
parent | bb239248165adea53a90acbdf3541ede6baaf245 (diff) | |
download | FreeBSD-src-13295f52fb5936b237a994e75311fe18612c73c4.zip FreeBSD-src-13295f52fb5936b237a994e75311fe18612c73c4.tar.gz |
MFC r302075:
Update libarchive to 3.2.1 (bugfix and security fix release)
List of vendor fixes:
- fix exploitable heap overflow vulnerability in Rar decompression
(vendor issue 719, CVE-2016-4302, TALOS-2016-0154)
- fix exploitable stack based buffer overflow vulnebarility in mtree
parse_device functionality (vendor PR 715, CVE-2016-4301, TALOS-2016-0153)
- fix exploitable heap overflow vulnerability in 7-zip read_SubStreamsInfo
(vendor issue 718, CVE-2016-4300, TALOS-2016-152)
- fix integer overflow when computing location of volume descriptor
(vendor issue 717)
- fix buffer overflow when reading a crafred rar archive (vendor issue 521)
- fix possible buffer overflow when reading ISO9660 archives on machines
where sizeof(int) < sizeof(size_t) (vendor issue 711)
- tar and cpio should fail if an input file named on the command line is
missing (vendor issue 708)
- fix incorrect writing of gnutar filenames that are exactly 512 bytes
long (vendor issue 682)
- allow tests to be run from paths that are equal or longer than 128
characters (vendor issue 657)
- add memory allocation errors in archive_entry_xattr.c (vendor PR 603)
- remove dead code in archive_entry_xattr_add_entry() (vendor PR 716)
- fix broken decryption of ZIP files (vendor issue 553)
- manpage style, typo and description fixes
Post-3.2.1 vendor fixes:
- fix typo in cpio version reporting (Vendor PR 725, 726)
- fix argument range of ctype functions in libarchive_fe/passphrase.c
- fix ctype use and avoid empty loop bodies in WARC reader
Security: CVE-2016-4300, CVE-2016-4301, CVE-2016-4302
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libarchive/tests/Makefile | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/libarchive/tests/Makefile b/lib/libarchive/tests/Makefile index b8c2f20..b29dcf4 100644 --- a/lib/libarchive/tests/Makefile +++ b/lib/libarchive/tests/Makefile @@ -155,6 +155,7 @@ TESTS_SRCS= \ test_read_format_rar_encryption_data.c \ test_read_format_rar_encryption_header.c \ test_read_format_rar_encryption_partially.c \ + test_read_format_rar_invalid1.c \ test_read_format_raw.c \ test_read_format_tar.c \ test_read_format_tar_concatenated.c \ @@ -234,6 +235,7 @@ TESTS_SRCS= \ test_write_format_cpio_newc.c \ test_write_format_cpio_odc.c \ test_write_format_gnutar.c \ + test_write_format_gnutar_filenames.c \ test_write_format_iso9660.c \ test_write_format_iso9660_boot.c \ test_write_format_iso9660_empty.c \ @@ -470,6 +472,7 @@ FILES+= test_read_format_rar_compress_normal.rar.uu FILES+= test_read_format_rar_encryption_data.rar.uu FILES+= test_read_format_rar_encryption_header.rar.uu FILES+= test_read_format_rar_encryption_partially.rar.uu +FILES+= test_read_format_rar_invalid1.rar.uu FILES+= test_read_format_rar_multi_lzss_blocks.rar.uu FILES+= test_read_format_rar_multivolume.part0001.rar.uu FILES+= test_read_format_rar_multivolume.part0002.rar.uu |