From c8bf51b2fe730f06508bdecedca2b291b2c8e67c Mon Sep 17 00:00:00 2001 From: Peter Marko Date: Wed, 22 Oct 2025 21:12:37 +0200 Subject: libarchive: upgrade 3.8.1 -> 3.8.2 https://github.com/libarchive/libarchive/releases/tag/v3.8.2 Libarchive 3.8.2 is a bugfix and security release. Security fixes: * 7zip: Fix out of boundary access (#2668) * tar reader: fix checking the result of the strftime (#2719, CVE-2025-25724) (From OE-Core rev: d858f87bc9baf4a01f977861c5521f2d5ffeb5fd) Signed-off-by: Peter Marko Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie --- .../libarchive/libarchive_3.8.1.bb | 64 ---------------------- .../libarchive/libarchive_3.8.2.bb | 64 ++++++++++++++++++++++ 2 files changed, 64 insertions(+), 64 deletions(-) delete mode 100644 meta/recipes-extended/libarchive/libarchive_3.8.1.bb create mode 100644 meta/recipes-extended/libarchive/libarchive_3.8.2.bb (limited to 'meta') diff --git a/meta/recipes-extended/libarchive/libarchive_3.8.1.bb b/meta/recipes-extended/libarchive/libarchive_3.8.1.bb deleted file mode 100644 index 69520b1bad..0000000000 --- a/meta/recipes-extended/libarchive/libarchive_3.8.1.bb +++ /dev/null @@ -1,64 +0,0 @@ -SUMMARY = "Support for reading various archive formats" -DESCRIPTION = "C library and command-line tools for reading and writing tar, cpio, zip, ISO, and other archive formats" -HOMEPAGE = "http://www.libarchive.org/" -SECTION = "devel" -LICENSE = "BSD-2-Clause" -LIC_FILES_CHKSUM = "file://COPYING;md5=7ce08437ff7f5e24d72e666313ae4084" - -DEPENDS = "e2fsprogs-native" - -PACKAGECONFIG ?= "zlib bz2 xz zstd ${@bb.utils.filter('DISTRO_FEATURES', 'acl xattr', d)}" - -DEPENDS_BZIP2 = "bzip2-replacement-native" -DEPENDS_BZIP2:class-target = "bzip2" - -PACKAGECONFIG[acl] = "--enable-acl,--disable-acl,acl," -PACKAGECONFIG[xattr] = "--enable-xattr,--disable-xattr,attr," -PACKAGECONFIG[zlib] = "--with-zlib,--without-zlib,zlib," -PACKAGECONFIG[bz2] = "--with-bz2lib,--without-bz2lib,${DEPENDS_BZIP2}," -PACKAGECONFIG[xz] = "--with-lzma,--without-lzma,xz," -PACKAGECONFIG[openssl] = "--with-openssl,--without-openssl,openssl," -PACKAGECONFIG[libb2] = "--with-libb2,--without-libb2,libb2," -PACKAGECONFIG[libxml2] = "--with-xml2,--without-xml2,libxml2," -PACKAGECONFIG[expat] = "--with-expat,--without-expat,expat," -PACKAGECONFIG[lzo] = "--with-lzo2,--without-lzo2,lzo," -PACKAGECONFIG[nettle] = "--with-nettle,--without-nettle,nettle," -PACKAGECONFIG[lz4] = "--with-lz4,--without-lz4,lz4," -PACKAGECONFIG[mbedtls] = "--with-mbedtls,--without-mbedtls,mbedtls," -PACKAGECONFIG[zstd] = "--with-zstd,--without-zstd,zstd," - -EXTRA_OECONF += "--enable-largefile --without-iconv" - -SRC_URI = "https://libarchive.org/downloads/libarchive-${PV}.tar.gz" -UPSTREAM_CHECK_URI = "https://www.libarchive.org/" - -SRC_URI[sha256sum] = "bde832a5e3344dc723cfe9cc37f8e54bde04565bfe6f136bc1bd31ab352e9fab" - -inherit autotools update-alternatives pkgconfig - -CPPFLAGS += "-I${WORKDIR}/extra-includes" - -do_configure[cleandirs] += "${WORKDIR}/extra-includes" -do_configure:prepend() { - # We just need the headers for some type constants, so no need to - # build all of e2fsprogs for the target - cp -R ${STAGING_INCDIR_NATIVE}/ext2fs ${WORKDIR}/extra-includes/ -} - -ALTERNATIVE_PRIORITY = "80" - -PACKAGES =+ "bsdtar" -FILES:bsdtar = "${bindir}/bsdtar" - -ALTERNATIVE:bsdtar = "tar" -ALTERNATIVE_LINK_NAME[tar] = "${base_bindir}/tar" -ALTERNATIVE_TARGET[tar] = "${bindir}/bsdtar" - -PACKAGES =+ "bsdcpio" -FILES:bsdcpio = "${bindir}/bsdcpio" - -ALTERNATIVE:bsdcpio = "cpio" -ALTERNATIVE_LINK_NAME[cpio] = "${base_bindir}/cpio" -ALTERNATIVE_TARGET[cpio] = "${bindir}/bsdcpio" - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta/recipes-extended/libarchive/libarchive_3.8.2.bb b/meta/recipes-extended/libarchive/libarchive_3.8.2.bb new file mode 100644 index 0000000000..d4f367009a --- /dev/null +++ b/meta/recipes-extended/libarchive/libarchive_3.8.2.bb @@ -0,0 +1,64 @@ +SUMMARY = "Support for reading various archive formats" +DESCRIPTION = "C library and command-line tools for reading and writing tar, cpio, zip, ISO, and other archive formats" +HOMEPAGE = "http://www.libarchive.org/" +SECTION = "devel" +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://COPYING;md5=7ce08437ff7f5e24d72e666313ae4084" + +DEPENDS = "e2fsprogs-native" + +PACKAGECONFIG ?= "zlib bz2 xz zstd ${@bb.utils.filter('DISTRO_FEATURES', 'acl xattr', d)}" + +DEPENDS_BZIP2 = "bzip2-replacement-native" +DEPENDS_BZIP2:class-target = "bzip2" + +PACKAGECONFIG[acl] = "--enable-acl,--disable-acl,acl," +PACKAGECONFIG[xattr] = "--enable-xattr,--disable-xattr,attr," +PACKAGECONFIG[zlib] = "--with-zlib,--without-zlib,zlib," +PACKAGECONFIG[bz2] = "--with-bz2lib,--without-bz2lib,${DEPENDS_BZIP2}," +PACKAGECONFIG[xz] = "--with-lzma,--without-lzma,xz," +PACKAGECONFIG[openssl] = "--with-openssl,--without-openssl,openssl," +PACKAGECONFIG[libb2] = "--with-libb2,--without-libb2,libb2," +PACKAGECONFIG[libxml2] = "--with-xml2,--without-xml2,libxml2," +PACKAGECONFIG[expat] = "--with-expat,--without-expat,expat," +PACKAGECONFIG[lzo] = "--with-lzo2,--without-lzo2,lzo," +PACKAGECONFIG[nettle] = "--with-nettle,--without-nettle,nettle," +PACKAGECONFIG[lz4] = "--with-lz4,--without-lz4,lz4," +PACKAGECONFIG[mbedtls] = "--with-mbedtls,--without-mbedtls,mbedtls," +PACKAGECONFIG[zstd] = "--with-zstd,--without-zstd,zstd," + +EXTRA_OECONF += "--enable-largefile --without-iconv" + +SRC_URI = "https://libarchive.org/downloads/libarchive-${PV}.tar.gz" +UPSTREAM_CHECK_URI = "https://www.libarchive.org/" + +SRC_URI[sha256sum] = "5f2d3c2fde8dc44583a61165549dc50ba8a37c5947c90fc02c8e5ce7f1cfb80d" + +inherit autotools update-alternatives pkgconfig + +CPPFLAGS += "-I${WORKDIR}/extra-includes" + +do_configure[cleandirs] += "${WORKDIR}/extra-includes" +do_configure:prepend() { + # We just need the headers for some type constants, so no need to + # build all of e2fsprogs for the target + cp -R ${STAGING_INCDIR_NATIVE}/ext2fs ${WORKDIR}/extra-includes/ +} + +ALTERNATIVE_PRIORITY = "80" + +PACKAGES =+ "bsdtar" +FILES:bsdtar = "${bindir}/bsdtar" + +ALTERNATIVE:bsdtar = "tar" +ALTERNATIVE_LINK_NAME[tar] = "${base_bindir}/tar" +ALTERNATIVE_TARGET[tar] = "${bindir}/bsdtar" + +PACKAGES =+ "bsdcpio" +FILES:bsdcpio = "${bindir}/bsdcpio" + +ALTERNATIVE:bsdcpio = "cpio" +ALTERNATIVE_LINK_NAME[cpio] = "${base_bindir}/cpio" +ALTERNATIVE_TARGET[cpio] = "${bindir}/bsdcpio" + +BBCLASSEXTEND = "native nativesdk" -- cgit v1.2.3-54-g00ecf