From: Adolf Belka Date: Mon, 29 Mar 2021 11:44:14 +0000 (+0200) Subject: bzip2: Update to 1.0.8 X-Git-Tag: v2.25-core156~8^2~205 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d315898acd71ba062a2d8f7e64a8eae223d41124;p=ipfire-2.x.git bzip2: Update to 1.0.8 - Update from 1.0.6 to 1.0.8 - Update of rootfile - Changelog 1.0.8 (13 Jul 19) * Accept as many selectors as the file format allows. This relaxes the fix for CVE-2019-12900 from 1.0.7 so that bzip2 allows decompression of bz2 files that use (too) many selectors again. * Fix handling of large (> 4GB) files on Windows. * Cleanup of bzdiff and bzgrep scripts so they don't use any bash extensions and handle multiple archives correctly. * There is now a bz2-files testsuite at https://sourceware.org/git/bzip2-tests.git 1.0.7 (27 Jun 19) * Fix undefined behavior in the macros SET_BH, CLEAR_BH, & ISSET_BH * bzip2: Fix return value when combining --test,-t and -q. * bzip2recover: Fix buffer overflow for large argv[0] * bzip2recover: Fix use after free issue with outFile (CVE-2016-3189) * Make sure nSelectors is not out of range (CVE-2019-12900) Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer --- diff --git a/config/rootfiles/common/bzip2 b/config/rootfiles/common/bzip2 index f6ad610d40..9a8e88148f 100644 --- a/config/rootfiles/common/bzip2 +++ b/config/rootfiles/common/bzip2 @@ -2,7 +2,7 @@ bin/bunzip2 bin/bzcat bin/bzip2 lib/libbz2.so.1.0 -lib/libbz2.so.1.0.6 +lib/libbz2.so.1.0.8 usr/bin/bunzip2 usr/bin/bzcat usr/bin/bzcmp diff --git a/lfs/bzip2 b/lfs/bzip2 index da20ce68cc..9c6f9c5a4d 100644 --- a/lfs/bzip2 +++ b/lfs/bzip2 @@ -24,7 +24,7 @@ include Config -VER = 1.0.6 +VER = 1.0.8 THISAPP = bzip2-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -47,7 +47,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 00b516f4704d4a7cb50a1d97e6e8e15b +$(DL_FILE)_MD5 = 67e051268d0c475ea773822f7500d0e5 install : $(TARGET)