Change log for libarchive package in openKylin

libarchive (3.7.2-ok1) nile; urgency=medium

  * Sync upstream version.

 -- zhouganqing <email address hidden>  Sat, 13 Apr 2024 11:17:00 +0800

Available diffs

• diff from 3.4.0-ok5 to 3.7.2-ok1 (957.1 KiB)

libarchive (3.4.0-ok6) yangtze; urgency=medium

  * Update package info.

 -- zhouganqing <email address hidden>  Wed, 06 Sep 2023 09:49:31 +0800

Available diffs

• diff from 3.4.0-ok4 to 3.4.0-ok6 (1.7 KiB)
• diff from 3.4.0-ok5 to 3.4.0-ok6 (866 bytes)

libarchive (3.4.0-ok5) yangtze; urgency=medium

  * wjy1978 [CVE-2022-26280] libarchive是一款多格式存档和压缩库。Libarchive v3.6.0存在安全漏洞，该漏洞源于组件 zipx_lzma_alone_init 的越界读取。

 -- wangjingyao <email address hidden>  Thu, 20 Jul 2023 19:19:24 +0800

Available diffs

• diff from 3.4.0-ok4 to 3.4.0-ok5 (1.2 KiB)

libarchive (3.4.0-ok4) yangtze; urgency=medium

  * leocheng_bupt_0 CVE-2021-36976 安全更新：libarchive 3.4.1到3.5.1在copy_string（从do_uncompress_block和process_block调用）中使用after free.

 -- chengyingyi <email address hidden>  Thu, 30 Mar 2023 11:30:49 +0800

Available diffs

• diff from 3.4.0-ok1 (in Openkylin) to 3.4.0-ok4 (12.8 KiB)
• diff from 3.4.0-ok3 to 3.4.0-ok4 (7.6 KiB)

libarchive (3.4.0-ok3) yangtze; urgency=high

  * vincent2k1 CVE-2021-31566 安全更新：libarchive 存在安全漏洞，该漏洞源于可以通过符号链接模式时间标记修改数据。攻击者可利用该漏洞可以绕过libarchive的访问限制.

 -- vincent2k1 <email address hidden>  Sat, 18 Mar 2023 22:20:33 +0800

Available diffs

• diff from 3.4.0-ok2 to 3.4.0-ok3 (4.5 KiB)

libarchive (3.4.0-ok2) yangtze; urgency=high

  * duke703 CVE-2021-23177 安全更新：libarchive存在安全漏洞,攻击者可利用该漏洞更改任意文件的模式、时间、acl和标志.

 -- duke703 <email address hidden>  Wed, 08 Mar 2023 16:26:33 +0800

Available diffs

• diff from 3.4.0-ok1 (in Openkylin) to 3.4.0-ok2 (2.0 KiB)

libarchive (3.4.0-ok1) yangtze; urgency=low

  * Build for openKylin.

 -- openKylinBot <email address hidden>  Mon, 25 Apr 2022 22:03:04 +0800