Diffusion FreeBSD src repository f10f65999fe5

libarchive: merge security fix from vendor branch
f10f65999fe5
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

libarchive: merge security fix from vendor branch

This commit fixes a couple of security vulnerabilities in the PAX writer:

Heap overflow in url_encode() in archive_write_set_format_pax.c
NULL dereference in archive_write_pax_header_xattrs()
Another NULL dereference in archive_write_pax_header_xattrs()
NULL dereference in archive_write_pax_header_xattr()

Security: No known reference yet
Obtained from: https://github.com/libarchive/libarchive/commit/1b4e0d0f9
MFC after: 3 days

Details

Provenance

mm	Authored on Sep 7 2023, 3:18 PM

Parents

rG2afef29b2c0b: syscons: refer to it as the legacy console
rGa5913a473bb0: Update vendor/libarchive to libarchive/libarchive@1b4e0d0f9

Branches

Unknown

Tags

Unknown

Event Timeline

mm committed rGf10f65999fe5: libarchive: merge security fix from vendor branch (authored by mm).Sep 7 2023, 3:22 PM

mm mentioned this in rG0c9b0086715b: libarchive: merge security fix from vendor branch.Sep 11 2023, 7:02 AM

mm mentioned this in rG914c7f5f2a67: libarchive: merge security fix from vendor branch.

mm mentioned this in rGaf386f70fa0c: libarchive: merge security fix from vendor branch.

mm mentioned this in rG5ed7eb0d97ba: libarchive: merge security fix from vendor branch.Sep 11 2023, 7:06 AM

mm mentioned this in rGf0ed478f0596: libarchive: merge security fix from vendor branch.Sep 11 2023, 7:45 PM

Merged Changes

a5913a473bb0 Update vendor/libarchive to libarchive/libarchive@1b4e0d0f9
Author
mm
Browse Repository
No Builds
No Audits

Changes (1)

Path

Size

contrib/

libarchive/

libarchive/

archive_write_set_format_pax.c

rGf10f65999fe5

contrib/libarchive/libarchive/archive_write_set_format_pax.c

Loading...