77 lines
2.1 KiB
Plaintext
77 lines
2.1 KiB
Plaintext
Changes in version 1.0.7
|
|
========================
|
|
|
|
* The new maintainer of bzip2 is Federico Mena Quintero
|
|
<federico@gnome.org>.
|
|
|
|
* Bzip2 is now maintained under version control at
|
|
https://gitlab.com/federicomenaquintero/bzip2
|
|
|
|
The following are changes that have accumulated in various
|
|
distributions since bzip2-1.0.6:
|
|
|
|
* Fix bashisms in bzgrep (Led).
|
|
|
|
* Fix unsafe strcpy in bzip2recover (Red Hat).
|
|
|
|
* Fix bzgrep so it doesn't always return a 0 exit code (Kristýna Streitová)
|
|
|
|
* CVE-2016-3189 - Fix use-after-free in bzip2recover (Jakub Martisko)
|
|
|
|
* Use O_CLOEXEC for bzopen()
|
|
|
|
* Fix mingw compilation (Marty E. Plummer, Dylan Baker)
|
|
|
|
* Fix Visual Studio compilation (Phil Ross)
|
|
|
|
* Fix #10: bunzip2 -qt returns 0 for corrupt archives (Wenzong Fan)
|
|
|
|
* Fix undefined behavior in macros with the shift-left operator
|
|
(Paul Kehrer)
|
|
|
|
* Fix a 'not a normal file' error when compressing large files on
|
|
Windows (Phil Ross)
|
|
|
|
This is a new bugfix:
|
|
|
|
* CVE-2019-12900 - Detect out-of-range nSelectors in corrupted files
|
|
(Albert Astals Cid). Found through fuzzing karchive.
|
|
|
|
Build system changes:
|
|
|
|
* Instead of the historical Makefile, bzip2 now comes with two
|
|
supported build systems (Meson and CMake), and an unsupported one
|
|
(makefile.msc). Either of the supported ones should build a shared
|
|
library as per modern practices. Please see the file COMPILING.md for
|
|
details.
|
|
|
|
Special thanks:
|
|
|
|
* Julian Seward for ceding maintainership and providing lots of advice
|
|
and interesting anecdotes.
|
|
|
|
* Mark Wielaard for constructing a repository based on tarballs from
|
|
the original releases.
|
|
|
|
* Erich Córdoba and Jordan Petridis for the Continuous Integration
|
|
infrastructure.
|
|
|
|
* Phil Ross for the Windows build fixes.
|
|
|
|
* Dylan Baker for the Meson infrastructure.
|
|
|
|
* Micah Snyder for the CMake infrastructure.
|
|
|
|
* Stanislav Brabec for an Autotools infrastructure, which
|
|
became the basis for the Meson/CMake ones.
|
|
|
|
* Jens Korte for fixing up the README.
|
|
|
|
* All the people who submitted distribution-specific patches.
|
|
|
|
|
|
Changes in version 1.0.6 and earlier
|
|
====================================
|
|
|
|
Please see the file NEWS-pre-1.0.7.
|