Your message dated Thu, 12 Mar 2009 15:02:18 +0000
with message-id <e1lhmqm-0004an...@ries.debian.org>
and subject line Bug#516577: fixed in libarchive 2.6.2-1
has caused the Debian Bug report #516577,
regarding libarchive: skip segfaults when using archive_read_open
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
516577: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=516577
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libarchive1
Version: 2.6.1-1
Severity: serious
Tags: patch
When using the old archive_read_open function of libarchive, it calls
libarchive_read_open2 with skipper set to NULL. But that functions
always adds a function calling this one as skipper for source stream.
Which leads to segfaults when the program requests a skip.
I'm setting severity to serious to avoid it migrating to testing, as
it makes reprepro segfault, see #516515.
Attached is a patch which fixes the issue for me.
Hochachtungsvoll,
Bernhard R. Link
--- a/libarchive-2.6.1/libarchive/archive_read.c 2008-12-28 21:08:32.000000000 +0100
+++ b/libarchive-2.6.1/libarchive/archive_read.c 2009-02-22 13:51:48.000000000 +0100
@@ -189,7 +189,8 @@ archive_read_open2(struct archive *_a, v
source->archive = a;
source->data = client_data;
source->read = client_read_proxy;
- source->skip = client_skip_proxy;
+ if (a->client.skipper != NULL)
+ source->skip = client_skip_proxy;
source->close = client_close_proxy;
a->source = source;
}
--- End Message ---
--- Begin Message ---
Source: libarchive
Source-Version: 2.6.2-1
We believe that the bug you reported is fixed in the latest version of
libarchive, which is due to be installed in the Debian FTP archive:
bsdcpio_2.6.2-1_i386.deb
to pool/main/liba/libarchive/bsdcpio_2.6.2-1_i386.deb
bsdtar_2.6.2-1_i386.deb
to pool/main/liba/libarchive/bsdtar_2.6.2-1_i386.deb
libarchive-dev_2.6.2-1_i386.deb
to pool/main/liba/libarchive/libarchive-dev_2.6.2-1_i386.deb
libarchive1_2.6.2-1_i386.deb
to pool/main/liba/libarchive/libarchive1_2.6.2-1_i386.deb
libarchive_2.6.2-1.diff.gz
to pool/main/liba/libarchive/libarchive_2.6.2-1.diff.gz
libarchive_2.6.2-1.dsc
to pool/main/liba/libarchive/libarchive_2.6.2-1.dsc
libarchive_2.6.2.orig.tar.gz
to pool/main/liba/libarchive/libarchive_2.6.2.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 516...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
John Goerzen <jgoer...@complete.org> (supplier of updated libarchive package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 12 Mar 2009 09:32:31 -0500
Source: libarchive
Binary: libarchive-dev libarchive1 bsdtar bsdcpio
Architecture: source i386
Version: 2.6.2-1
Distribution: unstable
Urgency: low
Maintainer: John Goerzen <jgoer...@complete.org>
Changed-By: John Goerzen <jgoer...@complete.org>
Description:
bsdcpio - cpio(1) from FreeBSD, using libarchive
bsdtar - tar(1) from FreeBSD, using libarchive
libarchive-dev - Single library to read/write tar, cpio, pax, zip, iso9660,
etc.
libarchive1 - Single library to read/write tar, cpio, pax, zip, iso9660, etc.
Closes: 516577 517398
Changes:
libarchive (2.6.2-1) unstable; urgency=low
.
* New Upstream Version. Closes: #516577.
* Update watch file to new homepage. Closes: #517398.
Checksums-Sha1:
ac63241380890d913d85f2d820236dbd35accb6a 1284 libarchive_2.6.2-1.dsc
56be9601877f467369cc7792f1319f0271becd1c 948569 libarchive_2.6.2.orig.tar.gz
c4541a18f5ddc305cce84d2e7217437f810af386 7511 libarchive_2.6.2-1.diff.gz
5ed30d5465ca9c8bb0fae97f390726022e9025ef 157740 libarchive-dev_2.6.2-1_i386.deb
fe29c7a8b5c8029630d17171e68d841ad7f96477 121794 libarchive1_2.6.2-1_i386.deb
631ae55ccfb3ac290989a1f06fe2b4b6b3e41652 48008 bsdtar_2.6.2-1_i386.deb
a64b99e4b2d4a9ce082fc45b578c175db950fb29 29734 bsdcpio_2.6.2-1_i386.deb
Checksums-Sha256:
78ad29edfd1cc3f27cffbaf8b6ba690cb419ca802e90646256ce178430d49abd 1284
libarchive_2.6.2-1.dsc
48c27c0ce12e1363e6f7dd87ee5cf65aaad6ebbaa502791e9aa548d1523ebbb1 948569
libarchive_2.6.2.orig.tar.gz
56ec1b5b70e88c579330cae0aa53ec181c73ad40846b7202fc7437071daa0a5e 7511
libarchive_2.6.2-1.diff.gz
c75e9b5c6a851b93e18772b74dfded01a50e8b521ae784ae7378b5c637b185f9 157740
libarchive-dev_2.6.2-1_i386.deb
031b97336bff4f0bf540f033d4b741fb77af585bfdf0aa6818c2d05b4b347fa7 121794
libarchive1_2.6.2-1_i386.deb
aba63f26b5d225b8220d6a632098cf009d605040beafc7e024d05d4c6ce5aa10 48008
bsdtar_2.6.2-1_i386.deb
6a52c3f11c5f99f5b7f47682a590e695868045151ece3c93b0fdd860c75a620b 29734
bsdcpio_2.6.2-1_i386.deb
Files:
1ad13c192a6fbacc159ec1eb2663972c 1284 libs optional libarchive_2.6.2-1.dsc
e31fcacd3f2b996988c0852a5edfc680 948569 libs optional
libarchive_2.6.2.orig.tar.gz
acd55ddf6777b577f2ca7611758f2bef 7511 libs optional libarchive_2.6.2-1.diff.gz
c00c2379214ffa1e242c06431edf992e 157740 libdevel optional
libarchive-dev_2.6.2-1_i386.deb
5a5691edfde14183b64534b42ec375a9 121794 libs optional
libarchive1_2.6.2-1_i386.deb
70c69948f059be24870d0dc091a57a04 48008 utils optional bsdtar_2.6.2-1_i386.deb
8d182cffc0915a674df2609da399a8af 29734 utils optional bsdcpio_2.6.2-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkm5Hn8ACgkQthyt9Q6V7ksodgCfalk3dZYdnBytxBCf2l0s7m/o
TWIAoIHyF/PUdLlxlo5rjxQ7Hmsb6Eqg
=yCJx
-----END PGP SIGNATURE-----
--- End Message ---
