libarchive : update to 3.5.3

Message ID	20220224024122.2209426-1-chee.yang.lee@intel.com
State	Accepted, archived
Commit	5b00b0e015312264cdb3fd88b6f4a8df456316c3
Headers	show Return-Path: <chee.yang.lee@intel.com> ip: 192.55.52.43, mailfrom: chee.yang.lee@intel.com) From: chee.yang.lee@intel.com To: openembedded-core@lists.openembedded.org Subject: [PATCH] libarchive : update to 3.5.3 Date: Thu, 24 Feb 2022 10:41:22 +0800 Message-Id: <20220224024122.2209426-1-chee.yang.lee@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	libarchive : update to 3.5.3 \| expand libarchive : update to 3.5.3

Message ID

20220224024122.2209426-1-chee.yang.lee@intel.com

State

Accepted, archived

Commit

5b00b0e015312264cdb3fd88b6f4a8df456316c3

Headers

From: chee.yang.lee@intel.com
To: openembedded-core@lists.openembedded.org
Subject: [PATCH] libarchive : update to 3.5.3
Date: Thu, 24 Feb 2022 10:41:22 +0800
Message-Id: <20220224024122.2209426-1-chee.yang.lee@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

libarchive : update to 3.5.3 | expand

Commit Message

Lee, Chee Yang Feb. 24, 2022, 2:41 a.m. UTC

From: Lee Chee Yang <chee.yang.lee@intel.com>

Libarchive 3.5.3 is a security release

Security Fixes:

extended fix for following symlinks when processing the fixup list (#1566, #1617, CVE-2021-31566)
fix invalid memory access and out of bounds read in RAR5 reader (#1491, #1492, #1493, CVE-2021-36976)

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
---
 .../libarchive/{libarchive_3.5.2.bb => libarchive_3.5.3.bb}     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-extended/libarchive/{libarchive_3.5.2.bb => libarchive_3.5.3.bb} (96%)

diff --git a/meta/recipes-extended/libarchive/libarchive_3.5.2.bb b/meta/recipes-extended/libarchive/libarchive_3.5.3.bb
similarity index 96%
rename from meta/recipes-extended/libarchive/libarchive_3.5.2.bb
rename to meta/recipes-extended/libarchive/libarchive_3.5.3.bb
index 385bcef6e9..dd607aca0a 100644
--- a/meta/recipes-extended/libarchive/libarchive_3.5.2.bb
+++ b/meta/recipes-extended/libarchive/libarchive_3.5.3.bb
@@ -34,7 +34,7 @@  EXTRA_OECONF += "--enable-largefile"
 
 SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz"
 
-SRC_URI[sha256sum] = "5f245bd5176bc5f67428eb0aa497e09979264a153a074d35416521a5b8e86189"
+SRC_URI[sha256sum] = "72788e5f58d16febddfa262a5215e05fc9c79f2670f641ac039e6df44330ef51"
 
 inherit autotools update-alternatives pkgconfig

libarchive : update to 3.5.3

Commit Message

Patch