HomeFreeBSD
Diffusion FreeBSD src repository - subversion rS306322

MFC r305819:
rS306322
Actions

Description

MFC r305819:
Sync libarchive with vendor including important security fixes.

Issues fixed (FreeBSD):
PR #778: ACL error handling
Issue #745: Symlink check prefix optimization is too aggressive
Issue #746: Hard links with data can evade sandboxing restrictions

This update fixes the vulnerability #3 and vulnerability #4 as reported in
"non-cryptanalytic attacks against FreeBSD update components".
https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f

Fix for vulnerability #2 has already been merged in r305192.

Security: http://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f

Details

Provenance
mmAuthored on
Parents
rS306321: MFC r305819:
Branches
Unknown
Tags
Unknown

Changes (11)

PathSize
stable/
10/
contrib/
libarchive/
libarchive/
test/
lib/
libarchive/
tests/

rS306322

View Options

stable/10/

Loading...
View Options

stable/10/contrib/libarchive/libarchive/archive_platform.h

Loading...
View Options

stable/10/contrib/libarchive/libarchive/archive_read_disk_entry_from_file.c

Loading...
View Options

stable/10/contrib/libarchive/libarchive/archive_read_disk_posix.c

Loading...
View Options

stable/10/contrib/libarchive/libarchive/archive_read_support_format_tar.c

Loading...
View Options

stable/10/contrib/libarchive/libarchive/archive_write_disk_acl.c

Loading...
View Options

stable/10/contrib/libarchive/libarchive/archive_write_disk_posix.c

Loading...
View Options

stable/10/contrib/libarchive/libarchive/test/test_write_disk_secure745.c

Loading...
View Options

stable/10/contrib/libarchive/libarchive/test/test_write_disk_secure746.c

Loading...
View Options

stable/10/contrib/libarchive/libarchive/test/test_write_format_gnutar_filenames.c

Loading...
View Options

stable/10/lib/libarchive/tests/Makefile

Loading...