libarchive: upgrade 3.7.7 -> 3.7.8

This upgrade includes fix for CVE-2024-57970, CVE-2025-25724 and CVE-2025-1632 Changelog: ========== Libarchive 3.7.8 is a bugfix and security release Security fixes: tar reader: Handle truncation in the middle of a GNU long linkname (#2422, CVE-2024-57970) unzip: fix null pointer dereference (#2532, CVE-2025-1632) tar reader: fix unchecked return value in list_item_verbose() (#2532, CVE-2025-25724) Important bugfixes: 7zip reader: add SPARC (#2399) and POWERPC (#2459) filter support for non-LZMA compressors tar reader: Ignore ustar size when pax size is present (#2405) tar writer: Fix bug when -s/a/b/ used more than once with b flag (#2435) cpio: Fix a Y2038 bug on Windows (#2471) libarchive: Handle ARCHIVE_FILTER_LZOP in archive_read_append_filter (#2519) libarchive: Adding missing seeker function to archive_read_open_FILE() (#2539) (From OE-Core rev: 861d6a37e9457510e526c7cd5a63c82d9c48b591) Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Yogita Urade <yogita.urade@windriver.com> 2025-03-25 09:07:33 +0000
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2025-03-25 21:20:41 +0000
commit: 743d30e8548b45658589ce5e2a25edaba2ce402d (patch)
tree: 0dd89c67410bc243ccc3b1f676614ce685a40eb8 /meta/recipes-extended/libarchive
parent: 41dbf14659b74ed5ce5eee98eab1da69b60de831 (diff)
download: poky-743d30e8548b45658589ce5e2a25edaba2ce402d.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/recipes-extended/libarchive/libarchive_3.7.7.bb b/meta/recipes-extended/libarchive/libarchive_3.7.8.bb
index 0a0a6b374b..d78b38d3e9 100644
--- a/meta/recipes-extended/libarchive/libarchive_3.7.7.bb
+++ b/meta/recipes-extended/libarchive/libarchive_3.7.8.bb
@@ -33,7 +33,7 @@ SRC_URI = "https://libarchive.org/downloads/libarchive-${PV}.tar.gz"
 UPSTREAM_CHECK_URI = "http://libarchive.org/"
-SRC_URI[sha256sum] = "4cc540a3e9a1eebdefa1045d2e4184831100667e6d7d5b315bb1cbc951f8ddff"
+SRC_URI[sha256sum] = "a123d87b1bd8adb19e8c187da17ae2d957c7f9596e741b929e6b9ceefea5ad0f"
 CVE_STATUS[CVE-2023-30571] = "upstream-wontfix: upstream has documented that reported function is not thread-safe"
author	Yogita Urade <yogita.urade@windriver.com>	2025-03-25 09:07:33 +0000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2025-03-25 21:20:41 +0000
commit	743d30e8548b45658589ce5e2a25edaba2ce402d (patch)
tree	0dd89c67410bc243ccc3b1f676614ce685a40eb8 /meta/recipes-extended/libarchive
parent	41dbf14659b74ed5ce5eee98eab1da69b60de831 (diff)
download	poky-743d30e8548b45658589ce5e2a25edaba2ce402d.tar.gz

diff --git a/meta/recipes-extended/libarchive/libarchive_3.7.7.bb b/meta/recipes-extended/libarchive/libarchive_3.7.8.bb index 0a0a6b374b..d78b38d3e9 100644 --- a/meta/recipes-extended/libarchive/libarchive_3.7.7.bb +++ b/meta/recipes-extended/libarchive/libarchive_3.7.8.bb
@@ -33,7 +33,7 @@ SRC_URI = "https://libarchive.org/downloads/libarchive-${PV}.tar.gz"
33		33
34	UPSTREAM_CHECK_URI = "http://libarchive.org/"	34	UPSTREAM_CHECK_URI = "http://libarchive.org/"
35		35
36	SRC_URI[sha256sum] = "4cc540a3e9a1eebdefa1045d2e4184831100667e6d7d5b315bb1cbc951f8ddff"	36	SRC_URI[sha256sum] = "a123d87b1bd8adb19e8c187da17ae2d957c7f9596e741b929e6b9ceefea5ad0f"
37		37
38	CVE_STATUS[CVE-2023-30571] = "upstream-wontfix: upstream has documented that reported function is not thread-safe"	38	CVE_STATUS[CVE-2023-30571] = "upstream-wontfix: upstream has documented that reported function is not thread-safe"
39		39