Skip to content

[Backport staging-25.05] libarchive: 3.7.8 -> 3.8.0#411754

Merged
vcunat merged 2 commits intostaging-25.05from
backport-409300-to-staging-25.05
Jun 18, 2025
Merged

[Backport staging-25.05] libarchive: 3.7.8 -> 3.8.0#411754
vcunat merged 2 commits intostaging-25.05from
backport-409300-to-staging-25.05

Conversation

@nixpkgs-ci
Copy link
Contributor

@nixpkgs-ci nixpkgs-ci bot commented May 28, 2025
edited by vcunat
Loading

Bot-based backport to staging-25.05, triggered by a label in #409300.

  • Before merging, ensure that this backport is acceptable for the release.
    • Even as a non-committer, if you find that it is not acceptable, leave a comment.

zhaofengli added 2 commits May 28, 2025 14:37
@zhaofengli @github-actions
libarchive: 3.7.8 -> 3.8.0
b4ef085 
(cherry picked from commit 525263c)
@zhaofengli @github-actions
libarchive: Add patch to fix macOS metadata handling when reading cer…
826dd3a 
…tain tarballs

This was merged in <libarchive/libarchive#2636>
and fixes the root cause of the test_copy failure.

(cherry picked from commit 8fa0b53)
@nixpkgs-ci nixpkgs-ci bot added the 1.severity: security Issues which raise a security issue, or PRs that fix one label May 28, 2025
@nixpkgs-ci nixpkgs-ci bot mentioned this pull request May 28, 2025
Merged
13 tasks
@github-actions github-actions bot added 4.workflow: backport This targets a stable branch 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. labels May 28, 2025
@nix-owners nix-owners bot requested a review from jcumming May 28, 2025 14:46
@zhaofengli
Copy link
Member

zhaofengli commented May 28, 2025

Note that @vcunat has some concerns on Matrix about backporting.

This release does introduce new features in addition to security fixes, but it should not be breaking. The only "breaking" change that I can think of is libarchive/libarchive#2607 which disallows multiple --files-from/-T arguments which did not work anyways and would result in incorrect behavior.

Alternatively, we can manually apply the security-relevant patches (Debian-style) but I don't think it's worth the effort.

@vcunat
Copy link
Member

vcunat commented May 29, 2025
edited
Loading

We go to master/unstable first, so we get more confidence that way, I guess. 25.05 hasn't diverged much yet.

@vcunat vcunat merged commit 5b7aacc into staging-25.05 Jun 18, 2025
18 of 19 checks passed
@wolfgangwalther wolfgangwalther deleted the backport-409300-to-staging-25.05 branch June 20, 2025 11:14
@h0nIg h0nIg mentioned this pull request Jun 27, 2025
Closed
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jcumming jcumming Awaiting requested review from jcumming

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 4.workflow: backport This targets a stable branch 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@zhaofengli @vcunat