Important bugfixes:
#2753 lib: Create temporary files in the target directory
#2768 lha: Fix for an out-of-bounds buffer overrun when using
p[H_LEVEL_OFFSET]
#2769 7-zip: Fix a buffer overrun when reading truncated 7zip headers
#2771 lz4 and zstd: Support both lz4 and zstd data with leading
skippable frames
Obtained from: libarchive
Vendor commit: 1368b08875351df8aa268237b882c8f4ceb0882d
Important bugfixes:
#2477 tar writer: fix replacing a regular file with a dir for
ARCHIVE_EXTRACT_SAFE_WRITES
#2659 lib: improve filter process handling
#2664 zip writer: fix a memory leak if write callback error early
#2665 lib: archive_read_data: handle sparse holes at end of file correctly
#2668 7zip: Fix out of boundary access
#2670 zip writer: fix writing with ZSTD compression
#2672 lib: fix error checking in writing files
#2678 zstd write filter: enable Zstandard's checksum feature
#2679 lib: handle possible errors from system calls
#2707 lib: avoid leaking file descriptors into subprocesses
#2713 RAR5 reader: fix multiple issues in extra field parsing function
#2716 RAR5 reader: early fail when file declares data for a dir entry
#2717 bsdtar: Allow filename to have CRLF endings
#2719 tar reader: fix checking the result of the strftime (CVE-2025-25724)
#2737 tar reader: fix an infinite loop when parsing V headers
#2742 lib: parse_date: handle dates in 2038 and beyond if time_t is big
enough
Obtained from: libarchive
Vendor commit: 7f53fce04e4e672230f4eb80b219af17975e4f83
Security: CVE-2025-25724
New features:
#2088 7-zip reader: improve self-extracting archive detection
#2137 zip writer: added XZ, LZMA, ZSTD and BZIP2 support
#2403 zip writer: added LZMA + RISCV BCJ filter
#2601 bsdtar: support --mtime and --clamp-mtime
#2602 libarchive: mbedtls 3.x compatibility
Security fixes:
#2422 tar reader: Handle truncation in the middle of a GNU long linkname
CVE-2024-57970
#2532 tar reader: fix unchecked return value in list_item_verbose()
CVE-2025-25724
#2532 unzip: fix null pointer dereference
CVE-2025-1632
#2568 warc: prevent signed integer overflow
#2584 rar: do not skip past EOF while reading
#2588 tar: fix overflow in build_ustar_entry
#2598 rar: fix double free with over 4 billion nodes
#2599 rar: fix heap-buffer-overflow
Important bugfixes:
#2399 7-zip reader: add SPARC filter support for non-LZMA compressors
#2405 tar reader: ignore ustar size when pax size is present
#2435 tar writer: fix bug when -s/a/b/ used more than once with b flag
#2459 7-zip reader: add POWERPC filter support for non-LZMA compressors
#2519 libarchive: handle ARCHIVE_FILTER_LZOP in archive_read_append_filter
#2539 libarchive: add missing seeker function to archive_read_open_FILE()
#2544 gzip: allow setting the original filename for gzip compressed files
#2564 libarchive: improve lseek handling
#2582 rar: support large headers on 32 bit systems
#2587 bsdtar: don't hardlink negative inode files together
#2596 rar: support large headers on 32 bit systems
#2606 libarchive: support @-prefixed Unix epoch timestamps as date strings
Obtained from: libarchive
Vendor commit: 70ff28fcf04ec129a1d064f96e49aa57fcc90e37
CVE: CVE-2024-57970, CVE-2025-1632, CVE-2025-25724
Security fixes:
#2364 tar: don't crash on truncated tar archives
#2366 gzip: prevent a hang when processing a malformed gzip inside a gzip
#2377 tar: fix two leaks in tar header parsing
Important bugfixes:
#2096 rar5: report encrypted entries
#2252 7-zip: read/write symlink paths as UTF-8
#2360 tar: fix truncation of entry pathnames in specific archives
Obtained from: libarchive
Vendor commit: b439d586f53911c84be5e380445a8a259e19114c
Security fixes:
#2330 iso: be more cautious about parsing ISO-9660 timestamps
#2343 tar: clean up linkpath between entries
Important bugfixes:
#2338 tar: fix memory leaks when processing symlinks or parsing pax headers
Obtained from: libarchive
Vendor commit: f0a0bc6b3046e34c9d6981f8c026da51fea12c89
#2147 archive_string: clean up strncat_from_utf8_to_utf8 (36047967a)
#2153 archive_match: check archive_read_support_format_raw()
return value (0ce1b4c38)
#2154 archive_match: turn counter into flag (287e05d53)
#2155 lha: Do not allow negative file sizes (93b11caed)
#2156 tests: setenv LANG to en_US.UTF-8 in bsdunzip test_I.c (83e8b0ea8)
Obtained from: libarchive
Libarchive commit: 83e8b0ea8c3b07e07ac3dee90a8724565f8e53fd
New features:
#1941 uudecode filter: support file name and file mode in raw mode
#1943 7-zip reader: translate Windows permissions into UNIX
permissions
#1962 zstd filter now supports the "long" write option
#2012 add trailing letter b to bsdtar(1) substitute pattern
#2031 PCRE2 support
#2054 add support for long options "--group" and "--owner" to tar(1)
Security fixes:
#2101 Fix possible vulnerability in tar error reporting introduced
in f27c173
Important bugfixes:
#1974 ISO9660: preserve the natural order of links
#2105 rar5: fix infinite loop if during rar5 decompression the last
block produced no data
#2027 xz filter: fix incorrect eof at the end of an lzip member
#2043 zip: fix end-of-data marker processing when decompressing zip
archives
Obtained from: libarchive
Libarchive commit: 4fcc02d906cca4b9e21a78a833f1142a2689ec52
Important changes (relevant to FreeBSD):
#1840 year 2038 fix for pax archives on platforms with 64-bit time_t
#1873 bsdunzip ported to libarchive from FreeBSD
#1894 read support for zstd compression in 7zip archives
#1918 ARM64 filter support in 7zip archives
Obtained from: libarchive
Libarchive commit: ee45796171324519f0c0bfd012018dd099296336
Libarchive tag: v3.7.0
Important changes (relevant to FreeBSD):
#1814 Do not account for NULL terminator when comparing with "TRAILER!!!"
#1818 Add ability to produce multi-frame zstd archives
#1860 Make single bit bitfields unsigned to avoid clang 16 warning
#1869 Fix FreeBSD builds with WARNS=6
Obtained from: libarchive
Libarchive commit: 1f3c62ebf4d492ac21d3099b3b064993100dd997
Important Bugfixes:
rar5 reader: fix possible garbled output with bsdtar -O (#1745)
mtree reader: support reading mtree files with tabs (#1783)
various small fixes for issues found by CodeQL
Obtained from: libarchive
Libarchive commit: ba80276ccc3c941c4918ec6e2460059f0c525c43
Libarcive tag: v3.6.2
Bugfixes:
IS #1685 and OSS-Fuzz #38764:
(ISO reader) fix possible heap buffer overflow in read_children()
IS #1715 and OSS-Fuzz #46279:
(RARv4 reader) fix heap-use-after-free in run_filters()
Obtained from: libarchive
Libarchive commit: db714553712debbc447383f735e022031dc13127
Bugfixes:
IS #1672 and OSS-Fuzz #38766:
(zip reader) fix possible out-of-bounds read in zipx_lzma_alone_init()
PR #1676: (mtree reader) remove the unused variable "detected_bytes"
PR #1674: (doc) fix use of At mdoc(7) macro in cpio.5
Obtained from: libarchive
Libarchive commit: cfaa28168a07ea4a53276b63068f94fce37d6aff
Libarchive 3.6.0
New features:
PR #1614: tar: new option "--no-read-sparse"
PR #1503: RAR reader: filter support
PR #1585: RAR5 reader: self-extracting archive support
New features (not used in FreeBSD base):
PR #1567: tar: threads support for zstd (#1567)
PR #1518: ZIP reader: zstd decompression support
Security Fixes:
PR #1491, #1492, #1493, CVE-2021-36976:
fix invalid memory access and out of bounds read in RAR5 reader
PR #1566, #1618, CVE-2021-31566:
extended fix for following symlinks when processing the fixup list
Other notable bugfixes and improvements:
PR #1620: tar: respect "--ignore-zeros" in c, r and u modes
PR #1625: reduced size of application binaries
Obtained from: libarchive
Libarchive commit: 9147def1da7ad1bdd47b3559eb1bfeeb0e0f374b
Libarchive tag: v3.6.0
Libarchive 3.5.2
New features:
PR #1502: Support for PWB and v7 binary cpio formats
PR #1509: Support of deflate algorithm in symbolic link decompression
for ZIP archives
Important bugfixes:
IS #1044: fix extraction of hardlinks to symlinks
PR #1480: Fix truncation of size values during 7zip archive
extraction on 32bit architectures
PR #1504: fix rar header skiming
PR #1514: ZIP excessive disk read - fix location of central directory
PR #1520: fix double-free in CAB reader
PR #1521: Fixed leak of rar before ending with error
PR #1530: Handle short writes from archive_write_callback
PR #1532: 7zip: Use compression settings from file also for file header
IS #1566: do not follow symlinks when processing the fixup list
Obtained from: libarchive
Libarchive commit: 1b2c437b99b361c7692538fa373e99955e9b93ae
Libarchive tag: v3.5.2
Vendor changes:
Issue #1461: Unbreak build without lzma
Issue #1462: warc reader: Fix build with gcc11
Issue #1463: Fix code compatibility in test_archive_read_support.c
Issue #1464: Use built-in strnlen on platforms where not available
Issue #1465: warc reader: fix undefined behaviour in deconst() function
Libarchive 3.5.0
Relevant vendor changes:
Issue #1258: add archive_read_support_filter_by_code()
PR #1347: mtree digest reader support
Issue #1381: skip hardlinks pointing to itself on extraction
PR #1387: fix writing of cpio archives with hardlinks without file type
PR #1388: fix rdev field in cpio format for device nodes
PR #1389: completed support for UTF-8 encoding conversion
PR #1405: more formats in archive_read_support_format_by_code()
PR #1408: fix uninitialized size in rar5_read_data
PR #1409: system extended attribute support
PR #1435: support for decompression of symbolic links in zipx archives
Issue #1456: memory leak after unsuccessful archive_write_open_filename
Libarchive 3.4.3
Relevant vendor changes:
PR #1352: support negative zstd compression levels
PR #1359: improve zstd version checking
PR #1348: support RHT.security.selinux from GNU tar
PR #1357: support for archives compressed with pzstd
PR #1367: fix issues in acl tests
PR #1372: child handling cleanup
PR #1378: fix memory leak from passphrase callback
Libarchive 3.4.2
Relevant vendor changes:
PR #1289: atomic extraction support (bsdtar -x --safe-writes)
PR #1308: big endian fix for UTF16 support in LHA reader
PR #1326: reject RAR5 files that declare invalid header flags
Issue #987: fix support 7z archive entries with Delta filter
Issue #1317: fix compression output buffer handling in XAR writer
Issue #1319: fix uname or gname longer than 32 characters in pax writer
Issue #1325: fix use after free when archiving hardlinks in ISO9660 or XAR
Use localtime_r() and gmtime_r() instead of localtime() and gmtime()
Relevant vendor changes:
Issue #351: Refactor and implement private state logic for write filters
PR #1252: RAR5 reader - verify window size for solid files (OSS-Fuzz 15482)
PR #1255: zip writer - don't append unused NUL for directories
PR #1260: Fix sparse file offset overflow on 32-bit systems
PR #1263: UNICODE filename support for reading lha/lzh format
Issue #1276: Bugfix and optimize archive_wstring_append_from_mbs()
PR #1288: Add the "xattrhdr" option to pax write options
PR #1295: 7z reader - fix reading archives with digests in PackInfo
PR #1296: RAR5 reader - verify window size for multivolume archives
PR #1297: ZIP reader - support LZMA_STREAM_END marker in 'lzma alone' files
Issue #1298: Fix a heap-buffer-overflow in archive_string_append_from_wcs()
OSS-Fuzz 19360, 19362: LHA reader - plug two memory leaks on error
Fix possible off-by-one when dealing with readlink(2)
Relevant vendor changes:
Issue #1237: Fix integer overflow in archive_read_support_filter_lz4.c
PR #1249: Correct some typographical and grammatical errors.
PR #1250: Minor corrections to the formatting of manual pages
Relevant vendor changes:
Issue #795: XAR - do not try to add xattrs without an allocated name
PR #812: non-recursive option for extract and list
PR #958: support reading metadata from compressed files
PR #999: add --exclude-vcs option to bsdtar
Issue #1062: treat empty archives with a GNU volume header as valid
PR #1074: Handle ZIP files with trailing 0s in the extra fields
(Android APK archives)
PR #1109: Ignore padding in Zip extra field data (Android APK archives)
PR #1167: fix problems related to unreadable directories
Issue #1168: fix handling of strtol() and strtoul()
PR #1172: RAR5 - fix invalid window buffer read in E8E9 filter
PR #1174: ZIP reader - fix of MSZIP signature parsing
PR #1175: gzip filter - fix reading files larger than 4GB from memory
PR #1177: gzip filter - fix memory leak with repeated header reads
PR #1180: ZIP reader - add support for Info-ZIP Unicode Path Extra Field
PR #1181: RAR5 - fix merge_block() recursion
(OSS-Fuzz 12999, 13029, 13144, 13478, 13490)
PR #1183: fix memory leak when decompressing ZIP files with LZMA
PR #1184: fix RAR5 OSS-Fuzz issues 12466, 14490, 14491, 12817
OSS-Fuzz 12466: RAR5 - fix buffer overflow when parsing huffman tables
OSS-Fuzz 14490, 14491: RAR5 - fix bad shift-left operations
OSS-Fuzz 12817: RAR5 - handle a case with truncated huffman tables
PR #1186: RAR5 - fix invalid type used for dictionary size mask
(OSS-Fuzz 14537)
PR #1187: RAR5 - fix integer overflow (OSS-Fuzz 14555)
PR #1190: RAR5 - RAR5 don't try to unpack entries marked as directories
(OSS-Fuzz 14574)
PR #1196: RAR5 - fix a potential SIGSEGV on 32-bit builds
OSS-Fuzz 2582: RAR - fix use after free if there is an invalid entry
OSS-Fuzz 14331: RAR5 - fix maximum owner name length
OSS-Fuzz 13965: RAR5 - use unsigned int for volume number + range check
Additional RAR5 reader changes:
- support symlinks, hardlinks, file owner, file group, versioned files
- change ARCHIVE_FORMAT_RAR_V5 to 0x100000
- set correct mode for readonly directories
- support readonly, hidden and system Windows file attributes
NOTE: a version bump of libarchive will happen in the following days
Relevant vendor changes:
PR #1153: fixed 2 bugs in ZIP reader
PR #1143: ensure archive_read_disk_entry_from_file() uses ARCHIVE_READ_DISK
Changes to file flags code, support more file flags on FreeBSD:
UF_OFFLINE, UF_READONLY, UF_SPARSE, UF_REPARSE, UF_SYSTEM
UF_ARCHIVE is not supported by intention (yet)
Relevant vendor changes:
PR #1085: Fix a null pointer dereference bug in zip writer
PR #1110: ZIP reader added support for XZ, LZMA, PPMD8 and BZIP2
decopmpression
PR #1116: Add support for 64-bit ar format
PR #1120: Fix a 7zip crash [1] and a ISO9660 infinite loop [2]
PR #1125: RAR5 reader - fix an invalid read and a memory leak
PR #1131: POSIX reader - do not fail when tree_current_lstat() fails
due to ENOENT [3]
PR #1134: Delete unnecessary null pointer checks before calls of free()
OSS-Fuzz 10843: Force intermediate to uint64_t to make UBSAN happy.
OSS-Fuzz 11011: Avoid buffer overflow in rar5 reader
PR: 233006 [3]
Security: CVE-2019-1000019 [1], CVE-2019-1000020 [2]