git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit

author	Alexander Kanavin <alex.kanavin@gmail.com>
	Wed, 28 Dec 2022 07:37:18 +0000 (08:37 +0100)
committer	Steve Sakoman <steve@sakoman.com>
	Wed, 11 Jan 2023 16:07:36 +0000 (06:07 -1000)
commit	4dd785cc05fd57f6cce8838cca7379c6e0bfd15c
tree	0569b6979bc55ce7992514119db69841f2e26129	tree
parent	fbf8ea03aeb04e1efdc9693a66d618275bddc172	commit \| diff

libarchive: upgrade 3.6.1 -> 3.6.2

Libarchive 3.6.2 is a bugfix and security release.

Important security fixes:

NULL pointer dereference vulnerability in archive_write.c (#1754, #1759, CVE-2022-36227)

Important bug fixes:

include ZSTD in Windows builds (#1688)
SSL fixes on Windows (#1714, #1723, #1724)
rar5 reader: fix possible garbled output with bsdtar -O (#1745)
mtree reader: support reading mtree files with tabs (#1783)
various small fixes for issues found by CodeQL

Use --without-iconv as otherwise autotools write a bogus iconv
dependency into .pc file.

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit edce1bce81fe2f47fb2c5e2b94ebda73f95cbaea)
Signed-off-by: Steve Sakoman <steve@sakoman.com>

meta/recipes-extended/libarchive/libarchive/0001-libarchive-Do-not-include-sys-mount.h-when-linux-fs..patch	[deleted file]	blob \| blame \| history
meta/recipes-extended/libarchive/libarchive/CVE-2022-36227.patch	[deleted file]	blob \| blame \| history
meta/recipes-extended/libarchive/libarchive_3.6.2.bb	[moved from meta/recipes-extended/libarchive/libarchive_3.6.1.bb with 89% similarity]	diff \| blob \| blame \| history