libarchive changed the pkgconfig install logic in 3.8.1, so that it now
installs the pkgconfig file in ${CMAKE_INSTALL_LIBDIR}/pkgconfig instead
of the previous lib/pkgconfig.
While this is a bug[1] in libarchive as this was unintended change, until
that is fixed upstream lets pass -DCMAKE_INSTALL_LIBDIR=lib to restore
previous behaviour in order for InstallDev step to install the .pc file so
other packages can find libarchive and link against it.
[1] https://github.com/libarchive/libarchive/issues/2667
Fixes: d77931df5d ("libarchive: bump to 3.8.1")
Signed-off-by: Robert Marko <robimarko@gmail.com>
This is a feaure and bugfix release.
New features:
bsdtar: support --mtime and --clamp-mtime (#2601)
lib: mbedtls 3.x compatibility (#2602)
7-zip reader: improve self-extracting archive detection (#2088)
xar: xmllite support for the XAR reader and writer (#2388)
zip writer: added XZ, LZMA, ZSTD and BZIP2 support (#2137, #2284, #2391)
zip writer: added LZMA + RISCV BCJ filter (#2403)
Notable security fixes:
rar: do not skip past EOF while reading (#2584)
rar: fix double free with over 4 billion nodes (#2598)
rar: fix heap-buffer-overflow (#2599)
warc: prevent signed integer overflow (#2568)
tar: fix overflow in build_ustar_entry (#2588)
Notable bugfixes:
ibarchive: fix FILE_skip regression (#2642)
compress: Prevent call stack overflow (#2649)
iso9660: always check archive_string_ensure return value (#2651)
tar: Support negative time values with pax (#2634)
tar: Reset accumulated header state after reading macOS metadata blob (#2636)
tar: Keep block alignment after pax error (#2637)
tar: Handle extra bytes after sparse entries (#2643)
windows: check archive_wstring_ensure return value (#2652)
bsdtar: don't hardlink negative inode files together (#2587)
gz: allow setting the original filename for gzip compressed files (#2544)
lib: improve lseek handling (#2564)
lib: support @-prefixed Unix epoch timestamps as date strings (#2606)
rar: support large headers on 32 bit systems (#2596)
tar reader: Improve LFS support on 32 bit systems (#2582)
Full changelog: https://github.com/libarchive/libarchive/compare/v3.7.9...v3.8.1
Build system: x86/64
Build-tested: x86/64
Run-tested: x86/64
Signed-off-by: John Audia <therealgraysky@proton.me>
Libarchive 3.7.9 is a bugfix release, fixing a regression in libarchive
3.7.8 regarding GNU sparse entries was fixed.
Libarchive 3.7.8 is a bugfix and security release:
Security fixes:
* tar reader: Handle truncation in the middle of a GNU long linkname (CVE-2024-57970)
* unzip: fix null pointer dereference (CVE-2025-1632)
* tar reader: fix unchecked return value in list_item_verbose() (CVE-2025-25724)
Important bugfixes:
* 7zip reader: add SPARC and POWERPC filter support for non-LZMA compressors
* tar reader: Ignore ustar size when pax size is present
* tar writer: Fix bug when -s/a/b/ used more than once with b flag
* cpio: Fix a Y2038 bug on Windows
* libarchive: Handle ARCHIVE_FILTER_LZOP in archive_read_append_filter
* libarchive: Adding missing seeker function to archive_read_open_FILE()
Full Changelog: https://github.com/libarchive/libarchive/compare/v3.7.7...v3.7.8
Signed-off-by: Petr Štetiar <ynezz@true.cz>
libarchive fixed a lot of security issues in the last few releases, listing only
notable changes,
libarchive 3.7.5:
* rar4: protect copy_from_lzss_window_to_unp() CVE-2024-20696
* rar4: fix CVE-2024-26256
libarchive 3.7.6:
* this release fixes a tar regression introduced in libarchive 3.7.5
libarchive 3.7.7:
* gzip: prevent a hang when processing a malformed gzip inside a gzip (OSS-Fuzz)
* tar: don't crash on truncated tar archives (OSS-Fuzz)
* tar: fix two leaks in tar header parsing
Link: https://github.com/libarchive/libarchive/releases
Signed-off-by: Matthias Franck <matthias.franck@softathome.com>
Looks like libarchive v3.7.3 adds support for pcre2 (d1231a7ea7).
Because of this, the following build error is observed (in the case pcre2 is compiled before libarchive):
Package libarchive is missing dependencies for the following libraries:
libpcre2-8.so.0
libpcre2-posix.so.3
So let's disable linking with pcre2, just like linking with pcre was disabled before.
Signed-off-by: Matthias FRANCK <matthias.franck@softathome.com>
libarchive looks for ext2fs headers during configure, and if it finds
them it will expect to find them during compile, or on the rare occasion
when they aren't it will fail:
libarchive/archive_entry.c:59:55: fatal error: ext2fs/ext2_fs.h: No such file or directory
As we just need headers for some type constants, let's re-use headers
from tools/e2fsprogs package which are always available.
Reported-by: Adam Dov <adov@maxlinear.com>
Suggested-by: Paul Eggleton <paul.eggleton@linux.intel.com>
References: https://git.yoctoproject.org/poky/commit/?id=f0b9a7cf9f80be1917e45266fa201f464a28c1e5
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Fixes:
Packages 'bsdtar' and 'bsdtar-noopenssl' do not conflict while providing same file: /usr/bin/bsdtar
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
faster to compile.
A small selection of packages was tested going from:
Executed in 696.30 secs fish external
usr time 82.98 mins 395.00 micros 82.98 mins
sys time 9.02 mins 0.00 micros 9.02 mins
to:
Executed in 592.20 secs fish external
usr time 84.84 mins 361.00 micros 84.84 mins
sys time 8.85 mins 57.00 micros 8.85 mins
Tested by running make -j 12 and wiping staging/build_dir/target_x
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Some of these were introduced after the Makefile was written. Adding them
guarentees fewer issues down the road.
Also did some small reorganization for consistency between packages.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
For consistency, use full name instead of $(PKG_NAME) in define and eval
lines for all packages.
I've seen reviews that asked to do this before, and I am asking the same
during reviews now. To avoid this in the future, fix this treewide so
when people use existing packages as example, we will not have to
request this change anymore.
This makes all packages consistent with both LEDE and OpenWrt base
repositories.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
In order to reduce the dependencies, this patch disables following features:
* Extended Attributes
* ACL support
* bzip2 through bz2lib
* lzop through liblzo2
* crypto support from Nettle
* xar through libxml2
Signed-off-by: Johannes Morgenroth <morgenroth@ibr.cs.tu-bs.de>
Dependencies to libacl, libattr, libbz2, liblzo, and libnettle added.
PKG_BUILD_DEPENDS is removed since it is already defined by DEPENDS.
Signed-off-by: Johannes Morgenroth <morgenroth@ibr.cs.tu-bs.de>
