news:
- https://git.tukaani.org/?p=xz.git;a=blob_plain;f=NEWS;hb=3be6942e5c27d29995d41da52fbe274e4ce4a537
5.2.9 (2022-11-30)
* liblzma:
- Fixed an infinite loop in LZMA encoder initialization
if dict_size >= 2 GiB. (The encoder only supports up
to 1536 MiB.)
- Fixed two cases of invalid free() that can happen if
a tiny allocation fails in encoder re-initialization
or in lzma_filters_update(). These bugs had some
similarities with the bug fixed in 5.2.7.
- Fixed lzma_block_encoder() not allowing the use of
LZMA_SYNC_FLUSH with lzma_code() even though it was
documented to be supported. The sync-flush code in
the Block encoder was already used internally via
lzma_stream_encoder(), so this was just a missing flag
in the lzma_block_encoder() API function.
- GNU/Linux only: Don't put symbol versions into static
liblzma as it breaks things in some cases (and even if
it didn't break anything, symbol versions in static
libraries are useless anyway). The downside of the fix
is that if the configure options --with-pic or --without-pic
are used then it's not possible to build both shared and
static liblzma at the same time on GNU/Linux anymore;
with those options --disable-static or --disable-shared
must be used too.
* New email address for bug reports is <xz@tukaani.org> which
forwards messages to Lasse Collin and Jia Tan.
The http://zlib.net/zlib-VERSION link only works for the currently
released version and break whenever zlib releases a new version
(which happened twice this year). This is also problematic when
building older LibreELEC versions as the older zlib can't be downloaded.
Switch PKG_URL to the tar.gz files at https://zlib.net/fossils/ as
this location provides all (current and older) releases.
Signed-off-by: Matthias Reichl <hias@horus.com>
set PKG_TOOLCHAIN="configure" as the cmake support in xz is experimental
- due to https://git.tukaani.org/?p=xz.git;a=commit;h=31d80c6b261b24220776dfaeb8a04f80f80e0a24
and the static builds of xz - --enable-symbol-versions=no needs to be
set to compile Python3
ann:
- https://tukaani.org/xz/
release notes:
- https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;h=0205423e79ce8297102096b0fc8b030ddf5b2023;hb=d2003362dd42004355a5550ee7a60ace3b3ea2d8
5.2.7 (2022-09-30)
* liblzma:
- Made lzma_filters_copy() to never modify the destination
array if an error occurs. lzma_stream_encoder() and
lzma_stream_encoder_mt() already assumed this. Before this
change, if a tiny memory allocation in lzma_filters_copy()
failed it would lead to a crash (invalid free() or invalid
memory reads) in the cleanup paths of these two encoder
initialization functions.
- Added missing integer overflow check to lzma_index_append().
This affects xz --list and other applications that decode
the Index field from .xz files using lzma_index_decoder().
Normal decompression of .xz files doesn't call this code
and thus most applications using liblzma aren't affected
by this bug.
- Single-threaded .xz decoder (lzma_stream_decoder()): If
lzma_code() returns LZMA_MEMLIMIT_ERROR it is now possible
to use lzma_memlimit_set() to increase the limit and continue
decoding. This was supposed to work from the beginning
but there was a bug. With other decoders (.lzma or
threaded .xz decoder) this already worked correctly.
- Fixed accumulation of integrity check type statistics in
lzma_index_cat(). This bug made lzma_index_checks() return
only the type of the integrity check of the last Stream
when multiple lzma_indexes were concatenated. Most
applications don't use these APIs but in xz it made
xz --list not list all check types from concatenated .xz
files. In xz --list --verbose only the per-file "Check:"
lines were affected and in xz --robot --list only the "file"
line was affected.
- Added ABI compatibility with executables that were linked
against liblzma in RHEL/CentOS 7 or other liblzma builds
that had copied the problematic patch from RHEL/CentOS 7
(xz-5.2.2-compat-libs.patch). For the details, see the
comment at the top of src/liblzma/validate_map.sh.
WARNING: This uses __symver__ attribute with GCC >= 10.
In other cases the traditional __asm__(".symver ...")
is used. Using link-time optimization (LTO, -flto) with
GCC versions older than 10 can silently result in
broken liblzma.so.5 (incorrect symbol versions)! If you
want to use -flto with GCC, you must use GCC >= 10.
LTO with Clang seems to work even with the traditional
__asm__(".symver ...") method.
* xzgrep: Fixed compatibility with old shells that break if
comments inside command substitutions have apostrophes (').
This problem was introduced in 5.2.6.
* Build systems:
- New #define in config.h: HAVE_SYMBOL_VERSIONS_LINUX
- Windows: Fixed liblzma.dll build with Visual Studio project
files. It broke in 5.2.6 due to a change that was made to
improve CMake support.
- Windows: Building liblzma with UNICODE defined should now
work.
- CMake files are now actually included in the release tarball.
They should have been in 5.2.5 already.
- Minor CMake fixes and improvements.
* Added a new translation: Turkish
5.2.6 released on 2022-08-12. This includes a security fix to xzgrep
(CVE-2022-1271, ZDI-CAN-16587) for which a standalone patch was already
released on 2022-04-07.
news: https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;hb=HEAD
Changelog: https://www.zlib.net/ChangeLog.txt
ChangeLog file for zlib
Changes in 1.2.12 (27 Mar 2022)
- Cygwin does not have _wopen(), so do not create gzopen_w() there
- Permit a deflateParams() parameter change as soon as possible
- Limit hash table inserts after switch from stored deflate
- Fix bug when window full in deflate_stored()
- Fix CLEAR_HASH macro to be usable as a single statement
- Avoid a conversion error in gzseek when off_t type too small
- Have Makefile return non-zero error code on test failure
- Avoid some conversion warnings in gzread.c and gzwrite.c
- Update use of errno for newer Windows CE versions
- Small speedup to inflate [psumbera]
- Return an error if the gzputs string length can't fit in an int
- Add address checking in clang to -w option of configure
- Don't compute check value for raw inflate if asked to validate
- Handle case where inflateSync used when header never processed
- Avoid the use of ptrdiff_t
- Avoid an undefined behavior of memcpy() in gzappend()
- Avoid undefined behaviors of memcpy() in gz*printf()
- Avoid an undefined behavior of memcpy() in _tr_stored_block()
- Make the names in functions declarations identical to definitions
- Remove old assembler code in which bugs have manifested
- Fix deflateEnd() to not report an error at start of raw deflate
- Add legal disclaimer to README
- Emphasize the need to continue decompressing gzip members
- Correct the initialization requirements for deflateInit2()
- Fix a bug that can crash deflate on some input when using Z_FIXED
- Assure that the number of bits for deflatePrime() is valid
- Use a structure to make globals in enough.c evident
- Use a macro for the printf format of big_t in enough.c
- Clean up code style in enough.c, update version
- Use inline function instead of macro for index in enough.c
- Clarify that prefix codes are counted in enough.c
- Show all the codes for the maximum tables size in enough.c
- Add gznorm.c example, which normalizes gzip files
- Fix the zran.c example to work on a multiple-member gzip file
- Add tables for crc32_combine(), to speed it up by a factor of 200
- Add crc32_combine_gen() and crc32_combine_op() for fast combines
- Speed up software CRC-32 computation by a factor of 1.5 to 3
- Use atomic test and set, if available, for dynamic CRC tables
- Don't bother computing check value after successful inflateSync()
- Correct comment in crc32.c
- Add use of the ARMv8 crc32 instructions when requested
- Use ARM crc32 instructions if the ARM architecture has them
- Explicitly note that the 32-bit check values are 32 bits
- Avoid adding empty gzip member after gzflush with Z_FINISH
- Fix memory leak on error in gzlog.c
- Fix error in comment on the polynomial representation of a byte
- Clarify gz* function interfaces, referring to parameter names
- Change macro name in inflate.c to avoid collision in VxWorks
- Correct typo in blast.c
- Improve portability of contrib/minizip
- Fix indentation in minizip's zip.c
- Replace black/white with allow/block. (theresa-m)
- minizip warning fix if MAXU32 already defined. (gvollant)
- Fix unztell64() in minizip to work past 4GB. (Daniël Hörchner)
- Clean up minizip to reduce warnings for testing
- Add fallthrough comments for gcc
- Eliminate use of ULL constants
- Separate out address sanitizing from warnings in configure
- Remove destructive aspects of make distclean
- Check for cc masquerading as gcc or clang in configure
- Fix crc32.c to compile local functions only if used
update 2.5 (2021-01-24) to 2.6 (2021-02-06)
log: https://github.com/madler/pigz/commits/master
changelog (from pigz.c):
- Add --huffman/-H and --rle/U strategy options
- Fix issue when compiling for no threads
- Fail silently on a broken pipe
update 2.4 (2017-12-26) to 2.5 (2021-01-24)
log: https://github.com/madler/pigz/commits/master
changelog (from pigz.c):
- Add --alias/-A option to set .zip name for stdin input
- Add --comment/-C option to add comment in .gz or .zip
- Fix a bug that misidentified a multi-entry .zip
- Fix a bug that did not emit double syncs for -i -p 1
- Fix a bug in yarn that could try to access freed data
- Do not delete multi-entry .zip files when extracting
- Do not reject .zip entries with bit 11 set
- Avoid a possible threads lock-order inversion
- Ignore trailing junk after a gzip stream by default
The cmake files were moved upstream [0] and the build now fails because it
silently falls back to the GNU Makefile:
install: cannot change permissions of '/usr/local/bin/': Operation not permitted
Point to the new location and set PKG_TOOLCHAIN explicitely to "cmake", which
would have caugth this issue:
CMake Error: The source directory "/tmp/libreelec/build.LibreELEC-H6.arm-9.80-devel/build/lz4-1.9.3/contrib/cmake_unofficial" does not exist.
Specify --help for usage, or press the help button on the CMake GUI.
FAILURE: ./scripts/build lz4:host during configure_host (default)
[0] 31d477db07
legacy_level=0 disables support for packages compressed with zstd before
version 0.8 (~August 2016).
Support for the other compression libraries adds a symlink feature to the
zstd binary for it to mimic that library's regular tool. Example, a
symlink pointing to zstd named 'gzip' will cause zstd to pretend to be gzip.
The cli tools aren't used, so there is no purpose to adding this support.
Signed-off-by: Ian Leonard <antonlacon@gmail.com>
