libarchive: bump to 3.7.7 fixing a lot of security issues

libarchive fixed a lot of security issues in the last few releases, listing only notable changes, libarchive 3.7.5: * rar4: protect copy_from_lzss_window_to_unp() CVE-2024-20696 * rar4: fix CVE-2024-26256 libarchive 3.7.6: * this release fixes a tar regression introduced in libarchive 3.7.5 libarchive 3.7.7: * gzip: prevent a hang when processing a malformed gzip inside a gzip (OSS-Fuzz) * tar: don't crash on truncated tar archives (OSS-Fuzz) * tar: fix two leaks in tar header parsing Link: https://github.com/libarchive/libarchive/releases Signed-off-by: Matthias Franck <matthias.franck@softathome.com>
2025-12-26 13:26:17 +04:00 · 2025-03-17 10:08:10 +01:00
parent c5576299a0
commit 39b1179bd6
1 changed files with 2 additions and 2 deletions
--- a/libs/libarchive/Makefile
+++ b/libs/libarchive/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=libarchive
-PKG_VERSION:=3.7.4
+PKG_VERSION:=3.7.7
 PKG_RELEASE:=1

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://www.libarchive.org/downloads
-PKG_HASH:=f887755c434a736a609cbd28d87ddbfbe9d6a3bb5b703c22c02f6af80a802735
+PKG_HASH:=879acd83c3399c7caaee73fe5f7418e06087ab2aaf40af3e99b9e29beb29faee

 PKG_MAINTAINER:=Johannes Morgenroth <morgenroth@ibr.cs.tu-bs.de>
 PKG_LICENSE:=BSD-2-Clause