Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libarchive-devel-3.8.7-1.1 RPM for i586

From OpenSuSE Ports Tumbleweed for i586

Name: libarchive-devel Distribution: openSUSE Tumbleweed
Version: 3.8.7 Vendor: openSUSE
Release: 1.1 Build date: Mon Apr 13 16:32:28 2026
Group: Development/Libraries/C and C++ Build host: reproducible
Size: 203837 Source RPM: libarchive-3.8.7-1.1.src.rpm
Packager: http://bugs.opensuse.org
Url: https://www.libarchive.org/
Summary: Development files for libarchive
Libarchive is a programming library that can create and read several
different streaming archive formats, including most popular tar
variants and several cpio formats. It can also write shar archives and
read ISO-9660 CDROM images. The bsdtar program is an implementation of
tar(1) that is built on top of libarchive. It started as a test
harness, but has grown and is now the standard system tar for FreeBSD 5
and 6.

This package contains the development files.

Provides

Requires

License

BSD-2-Clause

Changelog

* Mon Apr 13 2026 Marius Grossu <marius.grossu@suse.com>
  - Update to 3.8.7:
    * CAB: fix NULL pointer dereference during skip (#2900)
    * CAB: Fix Heap OOB Write in CAB LZX decoder (#2919)
    * cpio: various fixes and improvements (#2899, #2908, #2910, #2939)
    * contrib/untar: fix out-of-bounds read (#2903)
    * iso9660: fix undefined behavior (#2897)
    * iso9660: fix posibble heap buffer overflow on 32-bit systems (#2934)
    * libarchive: fix handling of option failures (#2871)
    * libarchive: do not continue with truncated numbers (#2911)
    * libarchive: lzop and grzip filter support (#2947)
    * RAR: fix LZSS window size mismatch after PPMd block (#2898)
  - Added add-missing-tests.patch: the distributed tarball is missing a test file, add it back
  - Removed libarchive-3.8.6-add-missing-test.patch
* Sun Mar 29 2026 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 3.8.6:
    * fix incompatibility with Nettle 4.x (boo#1257934)
    * fix NULL pointer dereference in archive_acl_from_text_w() (boo#1260998)
    * bsdunzip: fix ISO week year and Gregorian year confusion
    * 7zip: fix SEGV in check_7zip_header_in_sfx via ELF offset validation (boo#1260999)
    * 7zip: fix out-of-bounds access on ELF 64-bit header (boo#1261000)
    * RAR5 reader: fix infinite loop in rar5 decompression (boo#1261001)
    * RAR5 reader: fix potential memory leak (boo#1261002)
    * RAR5: fix SIGSEGV when archive_read_support_format_rar5 is called twice
    * CAB reader: fix memory leak on repeated calls to archive_read_support_format_cab
    * mtree reader: Fix file descriptor leak in mtree parser cleanup (boo#1261003)
    * various small bugfixes in code and documentation
  - the distributed tarball is missing a test file, add it back
    add libarchive-3.8.6-add-missing-test.patch
* Fri Jan 09 2026 Marius Grossu <marius.grossu@suse.com>
  - Update to 3.8.5:
    * bsdtar: fix regression from 3.8.4 zero-length pattern issue bugfix (#2809)
    * various small bugfixes in code and documentation
  - Remove libarchive-3.8.4-tar-fix-tests.patch to fix tests
* Tue Dec 09 2025 Andreas Stieger <andreas.stieger@gmx.de>
  - Update to 3.8.4:
    * bsdtar: Fix zero-length pattern issue
    * lib: Fix regression introduced in libarchive 3.8.2 when walking
      enterable but unreadable directories
  - add libarchive-3.8.4-tar-fix-tests.patch to fix tests
* Sat Nov 29 2025 Andreas Stieger <andreas.stieger@gmx.de>
  - Update to 3.8.3:
    * lib: Create temporary files in the target directory
      (boo#1254340)
    * lha: Fix for an out-of-bounds buffer overrun when using
      p[H_LEVEL_OFFSET] (boo#1254341)
    * 7-zip: Fix a buffer overrun when reading truncated 7zip headers
      (boo#1254342)
    * lz4 and zstd: Support both lz4 and zstd data with leading
      skippable frames
  - update upstream signing key
* Fri Oct 31 2025 Adrian Schröter <adrian@suse.de>
  - update to 3.8.2:
    Security fixes:
    * 7zip: Fix out of boundary access
    * tar reader: fix checking the result of the strftime (CVE-2025-25724)
    Notable bugfixes:
    * bsdtar: Allow filename to have CRLF endings
    * lib: archive_read_data: handle sparse holes at end of file correctly
    * lib: improve filter process handling
    * lib: fix error checking in writing files
    * lib: handle possible errors from system calls
    * lib: avoid leaking file descriptors into subprocesses
    * lib: parse_date: handle dates in 2038 and beyond if time_t is big enough
    * RAR5 reader: fix multiple issues in extra field parsing function
    * RAR5 reader: early fail when file declares data for a dir entry
    * tar writer: fix replacing a regular file with a dir for ARCHIVE_EXTRACT_SAFE_WRITES
    * tar reader (Windows): check WCS pathname in header_gnutar before overwriting
    * tar reader: fix an infinite loop when parsing V headers
    * zip writer: fix a memory leak if write callback error early
    * zip writer: fix writing with ZSTD compression
    * zstd write filter: enable Zstandard's checksum feature
* Thu Jun 05 2025 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 3.8.1:
    * libarchive: fix FILE_skip regression
    * compress: Prevent call stack overflow
    * iso9660: always check archive_string_ensure return value
    * tar: Support negative time values with pax
    * tar: Reset accumulated header state after reading macOS metadata blob
    * tar: Keep block alignment after pax error
    * tar: Handle extra bytes after sparse entries
  - includes changes from 3.8.0:
    * bsdtar: support --mtime and --clamp-mtime
    * 7-zip reader: improve self-extracting archive detection
    * xar: xmllite support for the XAR reader and writer
    * zip writer: added XZ, LZMA, ZSTD and BZIP2 support
    * zip writer: added LZMA + RISCV BCJ filter
    * rar: do not skip past EOF while reading (boo#1244159)
    * rar: fix double free with over 4 billion nodes (boo#1244160)
    * rar: fix heap-buffer-overflow (boo#1244161)
    * warc: prevent signed integer overflow (boo#1244162)
    * tar: fix overflow in build_ustar_entry (boo#1244163)
    * bsdtar: don't hardlink negative inode files together
    * gz: allow setting the original filename for gzip compressed files
    * lib: improve lseek handling
    * lib: support @-prefixed Unix epoch timestamps as date strings
    * rar: support large headers on 32 bit systems
    * tar reader: Improve LFS support on 32 bit systems
  - drop lib-suffix.patch, different implementation upstream
  - spec file clean-up, removing currently unused -static
* Sat Apr 05 2025 Andreas Stieger <andreas.stieger@gmx.de>
  - Update to 3.7.9:
    * fix regression regarding GNU sparse entries
* Sun Mar 23 2025 Andreas Stieger <andreas.stieger@gmx.de>
  - Update to 3.7.8:
    * 7zip reader: add SPARC and POWERPC filter support for non-LZMA compressors
    * tar reader: Ignore ustar size when pax size is present
    * tar writer: Fix bug when -s/a/b/ used more than once with b flag
    * libarchive: Handle ARCHIVE_FILTER_LZOP in archive_read_append_filter
    * libarchive: Adding missing seeker function to archive_read_open_FILE()
  - inludes the previously patched security fixes, dropping:
    CVE-2025-1632.patch, CVE-2025-25724.patch, CVE-2024-57970.patch
* Tue Mar 11 2025 Marius Grossu <marius.grossu@suse.com>
  - Fix CVE-2025-1632, null pointer dereference in bsdunzip.c
    (CVE-2025-1632, bsc#1237606)
    * CVE-2025-1632.patch
  - Fix CVE-2025-25724, Buffer Overflow vulnerability in libarchive
    (CVE-2025-25724, bsc#1238610)
    * CVE-2025-25724.patch
* Tue Feb 25 2025 Antonio Teixeira <antonio.teixeira@suse.com>
  - Fix CVE-2024-57970, heap-based buffer over-read in header_gnu_longlink
    because it mishandles truncation (CVE-2024-57970, bsc#1237233)
    * CVE-2024-57970.patch
* Thu Oct 17 2024 Antonio Teixeira <antonio.teixeira@suse.com>
  - Update to 3.7.7:
    * gzip: prevent a hang when processing a malformed gzip inside a gzip
    * tar: don't crash on truncated tar archives
    * tar: fix two leaks in tar header parsing
    * 7-zip: read/write symlink paths as UTF-8
    * cpio: exit with an error code if an entry could not be extracted
    * rar5: report encrypted entries
    * tar: fix truncation of entry pathnames in specific archives
* Fri Sep 27 2024 Antonio Teixeira <antonio.teixeira@suse.com>
  - Update to 3.7.6:
    * tar: clean up linkpath between entries
    * tar: fix memory leaks when processing symlinks or parsing pax headers
    * iso: be more cautious about parsing ISO-9660 timestamps
  - Version 3.7.5 changes:
    * fix multiple vulnerabilities identified by SAST
    * cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing
    * lzop: prevent integer overflow
    * rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696, bsc#1225971)
    * rar4: fix CVE-2024-26256 (CVE-2024-26256, bsc#1225972)
    * rar4: fix OOB in delta and audio filter
    * rar4: fix out of boundary access with large files
    * rar4: add boundary checks to rgb filter
    * rar4: fix OOB access with unicode filenames
    * rar5: clear 'data ready' cache on window buffer reallocs
    * rpm: calculate huge header sizes correctly
    * unzip: unify EOF handling
    * util: fix out of boundary access in mktemp functions
    * uu: stop processing if lines are too long
    * 7zip: fix issue when skipping first file in 7zip archive that is a multiple
      of 65536 bytes
    * ar: fix archive entries having no type
    * lha: do not allow negative file sizes
    * lha: fix integer truncation on 32-bit systems
    * shar: check strdup return value
    * rar5: don't try to read rediculously long names
    * xar: fix another infinite loop and expat error handling
    * many Windows fixes, cleanups and improvements
  - Drop fix-soversion.patch, fix-bsdunzip-test.patch
    * Fixed upstream
* Thu Jun 20 2024 Antonio Teixeira <antonio.teixeira@suse.com>
  - Update lib-suffix.patch
    * Add LIB_SUFFIX to libdir path in the pkg-config file
* Wed May 22 2024 Danilo Spinella <danilo.spinella@suse.com>
  - Fix bsdunzip test failing due to a locale issue
    * fix-bsdunzip-test.patch
* Tue Apr 30 2024 Danilo Spinella <danilo.spinella@suse.com>
  - Update to 3.7.4:
    * rar: Fix OOB in rar e8 filter (CVE-2024-26256, bsc#1222911)
    * zip: Fix out of boundary access
    * 7zip: Limit amount of properties
    * bsdtar: Fix error handling around strtol() usages
    * passphrase: Improve newline handling on Windows
    * passphrase: Never allow empty passwords
    * rar: Fix "File CRC Error" when extracting specific rar4 archives
    * xar: Avoid infinite link loop
    * zip: Update AppleDouble support for directories
    * zstd: Implement core detection
  - Update to 3.7.3:
    * PCRE2 support
    * add trailing letter b to bsdtar(1) substitute pattern
    * add support for long options "--group" and "--owner" to tar(1)
    * Fix possible vulnerability in tar error reporting introduced in f27c173
    * ISO9660: preserve the natural order of links
    * rar5: fix decoding unicode filenames on Windows
    * rar5: fix infinite loop if during rar5 decompression the last block produced no data
    * xz filter: fix incorrect eof at the end of an lzip member
    * zip: fix end-of-data marker processing when decompressing zip archives
    * multiple bsdunzip(1) fixes
    * filetime truncation fix on Windows
  - Fix rpmlint warning about summary being too long
* Fri Dec 29 2023 Dirk Müller <dmueller@suse.com>
  - skip write tests on 32bit, they OOM
* Sun Sep 17 2023 Dirk Müller <dmueller@suse.com>
  - update to 3.7.2:
    * Multiple vulnerabilities have been fixed in the PAX writer
    * bsdunzip(1) now correctly handles arguments following an
    - x after the zipfile
    * zstd filter now supports the "long" write option
    * SEGV and stack buffer overflow in verbose mode of cpio
    * bsdunzip updated to match latest upstream code
    * miscellaneous functional bugfixes
* Mon Jul 24 2023 Bernhard Wiedemann <bwiedemann@suse.com>
  - update to 3.7.0
    * bsdunzip port from FreeBSD
    * fix 2 year 2038 issues

Files

/usr/include/archive.h
/usr/include/archive_entry.h
/usr/lib/libarchive.so
/usr/lib/pkgconfig/libarchive.pc
/usr/share/doc/packages/libarchive-devel
/usr/share/doc/packages/libarchive-devel/examples
/usr/share/doc/packages/libarchive-devel/examples/minitar
/usr/share/doc/packages/libarchive-devel/examples/minitar/README
/usr/share/doc/packages/libarchive-devel/examples/minitar/minitar.c
/usr/share/doc/packages/libarchive-devel/examples/tarfilter.c
/usr/share/doc/packages/libarchive-devel/examples/untar.c
/usr/share/licenses/libarchive-devel
/usr/share/licenses/libarchive-devel/COPYING
/usr/share/man/man3/archive_entry.3.gz
/usr/share/man/man3/archive_entry_acl.3.gz
/usr/share/man/man3/archive_entry_linkify.3.gz
/usr/share/man/man3/archive_entry_misc.3.gz
/usr/share/man/man3/archive_entry_paths.3.gz
/usr/share/man/man3/archive_entry_perms.3.gz
/usr/share/man/man3/archive_entry_stat.3.gz
/usr/share/man/man3/archive_entry_time.3.gz
/usr/share/man/man3/archive_read.3.gz
/usr/share/man/man3/archive_read_add_passphrase.3.gz
/usr/share/man/man3/archive_read_data.3.gz
/usr/share/man/man3/archive_read_disk.3.gz
/usr/share/man/man3/archive_read_extract.3.gz
/usr/share/man/man3/archive_read_filter.3.gz
/usr/share/man/man3/archive_read_format.3.gz
/usr/share/man/man3/archive_read_free.3.gz
/usr/share/man/man3/archive_read_header.3.gz
/usr/share/man/man3/archive_read_new.3.gz
/usr/share/man/man3/archive_read_open.3.gz
/usr/share/man/man3/archive_read_set_options.3.gz
/usr/share/man/man3/archive_util.3.gz
/usr/share/man/man3/archive_write.3.gz
/usr/share/man/man3/archive_write_blocksize.3.gz
/usr/share/man/man3/archive_write_data.3.gz
/usr/share/man/man3/archive_write_disk.3.gz
/usr/share/man/man3/archive_write_filter.3.gz
/usr/share/man/man3/archive_write_finish_entry.3.gz
/usr/share/man/man3/archive_write_format.3.gz
/usr/share/man/man3/archive_write_free.3.gz
/usr/share/man/man3/archive_write_header.3.gz
/usr/share/man/man3/archive_write_new.3.gz
/usr/share/man/man3/archive_write_open.3.gz
/usr/share/man/man3/archive_write_set_options.3.gz
/usr/share/man/man3/archive_write_set_passphrase.3.gz
/usr/share/man/man3/libarchive.3.gz
/usr/share/man/man3/libarchive_changes.3.gz
/usr/share/man/man3/libarchive_internals.3.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Apr 21 22:39:17 2026