| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libarchive-devel | Distribution: openSUSE Tumbleweed |
| Version: 3.8.7 | Vendor: openSUSE |
| Release: 1.1 | Build date: Mon Apr 13 16:32:28 2026 |
| Group: Development/Libraries/C and C++ | Build host: reproducible |
| Size: 203837 | Source RPM: libarchive-3.8.7-1.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://www.libarchive.org/ | |
| Summary: Development files for libarchive | |
Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants and several cpio formats. It can also write shar archives and read ISO-9660 CDROM images. The bsdtar program is an implementation of tar(1) that is built on top of libarchive. It started as a test harness, but has grown and is now the standard system tar for FreeBSD 5 and 6. This package contains the development files.
BSD-2-Clause
* Mon Apr 13 2026 Marius Grossu <marius.grossu@suse.com>
- Update to 3.8.7:
* CAB: fix NULL pointer dereference during skip (#2900)
* CAB: Fix Heap OOB Write in CAB LZX decoder (#2919)
* cpio: various fixes and improvements (#2899, #2908, #2910, #2939)
* contrib/untar: fix out-of-bounds read (#2903)
* iso9660: fix undefined behavior (#2897)
* iso9660: fix posibble heap buffer overflow on 32-bit systems (#2934)
* libarchive: fix handling of option failures (#2871)
* libarchive: do not continue with truncated numbers (#2911)
* libarchive: lzop and grzip filter support (#2947)
* RAR: fix LZSS window size mismatch after PPMd block (#2898)
- Added add-missing-tests.patch: the distributed tarball is missing a test file, add it back
- Removed libarchive-3.8.6-add-missing-test.patch
* Sun Mar 29 2026 Andreas Stieger <andreas.stieger@gmx.de>
- update to 3.8.6:
* fix incompatibility with Nettle 4.x (boo#1257934)
* fix NULL pointer dereference in archive_acl_from_text_w() (boo#1260998)
* bsdunzip: fix ISO week year and Gregorian year confusion
* 7zip: fix SEGV in check_7zip_header_in_sfx via ELF offset validation (boo#1260999)
* 7zip: fix out-of-bounds access on ELF 64-bit header (boo#1261000)
* RAR5 reader: fix infinite loop in rar5 decompression (boo#1261001)
* RAR5 reader: fix potential memory leak (boo#1261002)
* RAR5: fix SIGSEGV when archive_read_support_format_rar5 is called twice
* CAB reader: fix memory leak on repeated calls to archive_read_support_format_cab
* mtree reader: Fix file descriptor leak in mtree parser cleanup (boo#1261003)
* various small bugfixes in code and documentation
- the distributed tarball is missing a test file, add it back
add libarchive-3.8.6-add-missing-test.patch
* Fri Jan 09 2026 Marius Grossu <marius.grossu@suse.com>
- Update to 3.8.5:
* bsdtar: fix regression from 3.8.4 zero-length pattern issue bugfix (#2809)
* various small bugfixes in code and documentation
- Remove libarchive-3.8.4-tar-fix-tests.patch to fix tests
* Tue Dec 09 2025 Andreas Stieger <andreas.stieger@gmx.de>
- Update to 3.8.4:
* bsdtar: Fix zero-length pattern issue
* lib: Fix regression introduced in libarchive 3.8.2 when walking
enterable but unreadable directories
- add libarchive-3.8.4-tar-fix-tests.patch to fix tests
* Sat Nov 29 2025 Andreas Stieger <andreas.stieger@gmx.de>
- Update to 3.8.3:
* lib: Create temporary files in the target directory
(boo#1254340)
* lha: Fix for an out-of-bounds buffer overrun when using
p[H_LEVEL_OFFSET] (boo#1254341)
* 7-zip: Fix a buffer overrun when reading truncated 7zip headers
(boo#1254342)
* lz4 and zstd: Support both lz4 and zstd data with leading
skippable frames
- update upstream signing key
* Fri Oct 31 2025 Adrian Schröter <adrian@suse.de>
- update to 3.8.2:
Security fixes:
* 7zip: Fix out of boundary access
* tar reader: fix checking the result of the strftime (CVE-2025-25724)
Notable bugfixes:
* bsdtar: Allow filename to have CRLF endings
* lib: archive_read_data: handle sparse holes at end of file correctly
* lib: improve filter process handling
* lib: fix error checking in writing files
* lib: handle possible errors from system calls
* lib: avoid leaking file descriptors into subprocesses
* lib: parse_date: handle dates in 2038 and beyond if time_t is big enough
* RAR5 reader: fix multiple issues in extra field parsing function
* RAR5 reader: early fail when file declares data for a dir entry
* tar writer: fix replacing a regular file with a dir for ARCHIVE_EXTRACT_SAFE_WRITES
* tar reader (Windows): check WCS pathname in header_gnutar before overwriting
* tar reader: fix an infinite loop when parsing V headers
* zip writer: fix a memory leak if write callback error early
* zip writer: fix writing with ZSTD compression
* zstd write filter: enable Zstandard's checksum feature
* Thu Jun 05 2025 Andreas Stieger <andreas.stieger@gmx.de>
- update to 3.8.1:
* libarchive: fix FILE_skip regression
* compress: Prevent call stack overflow
* iso9660: always check archive_string_ensure return value
* tar: Support negative time values with pax
* tar: Reset accumulated header state after reading macOS metadata blob
* tar: Keep block alignment after pax error
* tar: Handle extra bytes after sparse entries
- includes changes from 3.8.0:
* bsdtar: support --mtime and --clamp-mtime
* 7-zip reader: improve self-extracting archive detection
* xar: xmllite support for the XAR reader and writer
* zip writer: added XZ, LZMA, ZSTD and BZIP2 support
* zip writer: added LZMA + RISCV BCJ filter
* rar: do not skip past EOF while reading (boo#1244159)
* rar: fix double free with over 4 billion nodes (boo#1244160)
* rar: fix heap-buffer-overflow (boo#1244161)
* warc: prevent signed integer overflow (boo#1244162)
* tar: fix overflow in build_ustar_entry (boo#1244163)
* bsdtar: don't hardlink negative inode files together
* gz: allow setting the original filename for gzip compressed files
* lib: improve lseek handling
* lib: support @-prefixed Unix epoch timestamps as date strings
* rar: support large headers on 32 bit systems
* tar reader: Improve LFS support on 32 bit systems
- drop lib-suffix.patch, different implementation upstream
- spec file clean-up, removing currently unused -static
* Sat Apr 05 2025 Andreas Stieger <andreas.stieger@gmx.de>
- Update to 3.7.9:
* fix regression regarding GNU sparse entries
* Sun Mar 23 2025 Andreas Stieger <andreas.stieger@gmx.de>
- Update to 3.7.8:
* 7zip reader: add SPARC and POWERPC filter support for non-LZMA compressors
* tar reader: Ignore ustar size when pax size is present
* tar writer: Fix bug when -s/a/b/ used more than once with b flag
* libarchive: Handle ARCHIVE_FILTER_LZOP in archive_read_append_filter
* libarchive: Adding missing seeker function to archive_read_open_FILE()
- inludes the previously patched security fixes, dropping:
CVE-2025-1632.patch, CVE-2025-25724.patch, CVE-2024-57970.patch
* Tue Mar 11 2025 Marius Grossu <marius.grossu@suse.com>
- Fix CVE-2025-1632, null pointer dereference in bsdunzip.c
(CVE-2025-1632, bsc#1237606)
* CVE-2025-1632.patch
- Fix CVE-2025-25724, Buffer Overflow vulnerability in libarchive
(CVE-2025-25724, bsc#1238610)
* CVE-2025-25724.patch
* Tue Feb 25 2025 Antonio Teixeira <antonio.teixeira@suse.com>
- Fix CVE-2024-57970, heap-based buffer over-read in header_gnu_longlink
because it mishandles truncation (CVE-2024-57970, bsc#1237233)
* CVE-2024-57970.patch
* Thu Oct 17 2024 Antonio Teixeira <antonio.teixeira@suse.com>
- Update to 3.7.7:
* gzip: prevent a hang when processing a malformed gzip inside a gzip
* tar: don't crash on truncated tar archives
* tar: fix two leaks in tar header parsing
* 7-zip: read/write symlink paths as UTF-8
* cpio: exit with an error code if an entry could not be extracted
* rar5: report encrypted entries
* tar: fix truncation of entry pathnames in specific archives
* Fri Sep 27 2024 Antonio Teixeira <antonio.teixeira@suse.com>
- Update to 3.7.6:
* tar: clean up linkpath between entries
* tar: fix memory leaks when processing symlinks or parsing pax headers
* iso: be more cautious about parsing ISO-9660 timestamps
- Version 3.7.5 changes:
* fix multiple vulnerabilities identified by SAST
* cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing
* lzop: prevent integer overflow
* rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696, bsc#1225971)
* rar4: fix CVE-2024-26256 (CVE-2024-26256, bsc#1225972)
* rar4: fix OOB in delta and audio filter
* rar4: fix out of boundary access with large files
* rar4: add boundary checks to rgb filter
* rar4: fix OOB access with unicode filenames
* rar5: clear 'data ready' cache on window buffer reallocs
* rpm: calculate huge header sizes correctly
* unzip: unify EOF handling
* util: fix out of boundary access in mktemp functions
* uu: stop processing if lines are too long
* 7zip: fix issue when skipping first file in 7zip archive that is a multiple
of 65536 bytes
* ar: fix archive entries having no type
* lha: do not allow negative file sizes
* lha: fix integer truncation on 32-bit systems
* shar: check strdup return value
* rar5: don't try to read rediculously long names
* xar: fix another infinite loop and expat error handling
* many Windows fixes, cleanups and improvements
- Drop fix-soversion.patch, fix-bsdunzip-test.patch
* Fixed upstream
* Thu Jun 20 2024 Antonio Teixeira <antonio.teixeira@suse.com>
- Update lib-suffix.patch
* Add LIB_SUFFIX to libdir path in the pkg-config file
* Wed May 22 2024 Danilo Spinella <danilo.spinella@suse.com>
- Fix bsdunzip test failing due to a locale issue
* fix-bsdunzip-test.patch
* Tue Apr 30 2024 Danilo Spinella <danilo.spinella@suse.com>
- Update to 3.7.4:
* rar: Fix OOB in rar e8 filter (CVE-2024-26256, bsc#1222911)
* zip: Fix out of boundary access
* 7zip: Limit amount of properties
* bsdtar: Fix error handling around strtol() usages
* passphrase: Improve newline handling on Windows
* passphrase: Never allow empty passwords
* rar: Fix "File CRC Error" when extracting specific rar4 archives
* xar: Avoid infinite link loop
* zip: Update AppleDouble support for directories
* zstd: Implement core detection
- Update to 3.7.3:
* PCRE2 support
* add trailing letter b to bsdtar(1) substitute pattern
* add support for long options "--group" and "--owner" to tar(1)
* Fix possible vulnerability in tar error reporting introduced in f27c173
* ISO9660: preserve the natural order of links
* rar5: fix decoding unicode filenames on Windows
* rar5: fix infinite loop if during rar5 decompression the last block produced no data
* xz filter: fix incorrect eof at the end of an lzip member
* zip: fix end-of-data marker processing when decompressing zip archives
* multiple bsdunzip(1) fixes
* filetime truncation fix on Windows
- Fix rpmlint warning about summary being too long
* Fri Dec 29 2023 Dirk Müller <dmueller@suse.com>
- skip write tests on 32bit, they OOM
* Sun Sep 17 2023 Dirk Müller <dmueller@suse.com>
- update to 3.7.2:
* Multiple vulnerabilities have been fixed in the PAX writer
* bsdunzip(1) now correctly handles arguments following an
- x after the zipfile
* zstd filter now supports the "long" write option
* SEGV and stack buffer overflow in verbose mode of cpio
* bsdunzip updated to match latest upstream code
* miscellaneous functional bugfixes
* Mon Jul 24 2023 Bernhard Wiedemann <bwiedemann@suse.com>
- update to 3.7.0
* bsdunzip port from FreeBSD
* fix 2 year 2038 issues
/usr/include/archive.h /usr/include/archive_entry.h /usr/lib/libarchive.so /usr/lib/pkgconfig/libarchive.pc /usr/share/doc/packages/libarchive-devel /usr/share/doc/packages/libarchive-devel/examples /usr/share/doc/packages/libarchive-devel/examples/minitar /usr/share/doc/packages/libarchive-devel/examples/minitar/README /usr/share/doc/packages/libarchive-devel/examples/minitar/minitar.c /usr/share/doc/packages/libarchive-devel/examples/tarfilter.c /usr/share/doc/packages/libarchive-devel/examples/untar.c /usr/share/licenses/libarchive-devel /usr/share/licenses/libarchive-devel/COPYING /usr/share/man/man3/archive_entry.3.gz /usr/share/man/man3/archive_entry_acl.3.gz /usr/share/man/man3/archive_entry_linkify.3.gz /usr/share/man/man3/archive_entry_misc.3.gz /usr/share/man/man3/archive_entry_paths.3.gz /usr/share/man/man3/archive_entry_perms.3.gz /usr/share/man/man3/archive_entry_stat.3.gz /usr/share/man/man3/archive_entry_time.3.gz /usr/share/man/man3/archive_read.3.gz /usr/share/man/man3/archive_read_add_passphrase.3.gz /usr/share/man/man3/archive_read_data.3.gz /usr/share/man/man3/archive_read_disk.3.gz /usr/share/man/man3/archive_read_extract.3.gz /usr/share/man/man3/archive_read_filter.3.gz /usr/share/man/man3/archive_read_format.3.gz /usr/share/man/man3/archive_read_free.3.gz /usr/share/man/man3/archive_read_header.3.gz /usr/share/man/man3/archive_read_new.3.gz /usr/share/man/man3/archive_read_open.3.gz /usr/share/man/man3/archive_read_set_options.3.gz /usr/share/man/man3/archive_util.3.gz /usr/share/man/man3/archive_write.3.gz /usr/share/man/man3/archive_write_blocksize.3.gz /usr/share/man/man3/archive_write_data.3.gz /usr/share/man/man3/archive_write_disk.3.gz /usr/share/man/man3/archive_write_filter.3.gz /usr/share/man/man3/archive_write_finish_entry.3.gz /usr/share/man/man3/archive_write_format.3.gz /usr/share/man/man3/archive_write_free.3.gz /usr/share/man/man3/archive_write_header.3.gz /usr/share/man/man3/archive_write_new.3.gz /usr/share/man/man3/archive_write_open.3.gz /usr/share/man/man3/archive_write_set_options.3.gz /usr/share/man/man3/archive_write_set_passphrase.3.gz /usr/share/man/man3/libarchive.3.gz /usr/share/man/man3/libarchive_changes.3.gz /usr/share/man/man3/libarchive_internals.3.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Apr 21 22:39:17 2026