f061a2215f
Update libarchive to 3.2.1 (bugfix and security fix release) List of vendor fixes: - fix exploitable heap overflow vulnerability in Rar decompression (vendor issue 719, CVE-2016-4302, TALOS-2016-0154) - fix exploitable stack based buffer overflow vulnebarility in mtree parse_device functionality (vendor PR 715, CVE-2016-4301, TALOS-2016-0153) - fix exploitable heap overflow vulnerability in 7-zip read_SubStreamsInfo (vendor issue 718, CVE-2016-4300, TALOS-2016-152) - fix integer overflow when computing location of volume descriptor (vendor issue 717) - fix buffer overflow when reading a crafred rar archive (vendor issue 521) - fix possible buffer overflow when reading ISO9660 archives on machines where sizeof(int) < sizeof(size_t) (vendor issue 711) - tar and cpio should fail if an input file named on the command line is missing (vendor issue 708) - fix incorrect writing of gnutar filenames that are exactly 512 bytes long (vendor issue 682) - allow tests to be run from paths that are equal or longer than 128 characters (vendor issue 657) - add memory allocation errors in archive_entry_xattr.c (vendor PR 603) - remove dead code in archive_entry_xattr_add_entry() (vendor PR 716) - fix broken decryption of ZIP files (vendor issue 553) - manpage style, typo and description fixes Post-3.2.1 vendor fixes: - fix typo in cpio version reporting (Vendor PR 725, 726) - fix argument range of ctype functions in libarchive_fe/passphrase.c - fix ctype use and avoid empty loop bodies in WARC reader MFC after: 1 week Security: CVE-2016-4300, CVE-2016-4301, CVE-2016-4302 Approved by: re (kib)
40 lines
940 B
Makefile
40 lines
940 B
Makefile
# $FreeBSD$
|
|
|
|
.include <src.opts.mk>
|
|
|
|
_LIBARCHIVEDIR= ${.CURDIR}/../../contrib/libarchive
|
|
_LIBARCHIVECONFDIR= ${.CURDIR}/../../lib/libarchive
|
|
|
|
PROG= bsdcpio
|
|
BSDCPIO_VERSION_STRING= 3.2.1
|
|
|
|
.PATH: ${_LIBARCHIVEDIR}/cpio
|
|
SRCS= cpio.c cmdline.c
|
|
|
|
.PATH: ${_LIBARCHIVEDIR}/libarchive_fe
|
|
SRCS+= err.c line_reader.c passphrase.c
|
|
|
|
CFLAGS+= -DBSDCPIO_VERSION_STRING=\"${BSDCPIO_VERSION_STRING}\"
|
|
CFLAGS+= -DPLATFORM_CONFIG_H=\"${_LIBARCHIVECONFDIR}/config_freebsd.h\"
|
|
CFLAGS+= -I${_LIBARCHIVEDIR}/cpio -I${_LIBARCHIVEDIR}/libarchive_fe
|
|
|
|
.ifdef RELEASE_CRUNCH
|
|
# FreeBSD's installer uses cpio in crunched binaries that are
|
|
# statically linked, cannot use -lcrypto, and are size sensitive.
|
|
CFLAGS+= -DSMALLER
|
|
.endif
|
|
LIBADD= archive
|
|
|
|
.if ${MK_ICONV} != "no"
|
|
CFLAGS+= -DHAVE_ICONV=1 -DHAVE_ICONV_H=1 -DICONV_CONST=const
|
|
.endif
|
|
|
|
SYMLINKS=bsdcpio ${BINDIR}/cpio
|
|
MLINKS= bsdcpio.1 cpio.1
|
|
|
|
.if ${MK_TESTS} != "no"
|
|
SUBDIR+= tests
|
|
.endif
|
|
|
|
.include <bsd.prog.mk>
|