Bug 261334 - sysutils/squashfs-tools: update to 4.5
Summary: sysutils/squashfs-tools: update to 4.5
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Alexey Dokuchaev
Depends on:
Reported: 2022-01-19 13:04 UTC by Rodrigo Osorio
Modified: 2022-03-27 10:49 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (danfe)

patch to upgrade squashfs-tools (2.55 KB, patch)
2022-01-19 13:04 UTC, Rodrigo Osorio
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Rodrigo Osorio freebsd_committer 2022-01-19 13:04:38 UTC
Created attachment 231155 [details]
patch to upgrade squashfs-tools

Find attached my attempt tu update squashfs-tools to the latest released version.

The full changelog is available here: https://github.com/plougher/squashfs-tools/blob/master/README-4.5
Comment 1 Alexey Dokuchaev freebsd_committer 2022-01-20 02:45:14 UTC
According to the upstream, on 2021-07-25, three days after releasing 4.5, an important bug had been found.  A new point release would be forthcoming in the next couple of days (sooner if no other release bugs are reported).  Also, we expect one regression* in 4.4 which also present in 4.5 to be fixed as well.

*) https://github.com/plougher/squashfs-tools/issues/120
Comment 2 commit-hook freebsd_committer 2022-03-27 10:46:37 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=812d78629a3dd8d0f622cd44a2262ed01e3d6297

commit 812d78629a3dd8d0f622cd44a2262ed01e3d6297
Author:     Alexey Dokuchaev <danfe@FreeBSD.org>
AuthorDate: 2022-03-27 10:43:52 +0000
Commit:     Alexey Dokuchaev <danfe@FreeBSD.org>
CommitDate: 2022-03-27 10:43:52 +0000

    sysutils/squashfs-tools: update the port to version 4.5.1 (finally)

    This is a long-awaited release which fixes known security issue [1]
    and regression when working with extended attributes [2].

    Install more complete documentation set while here and GC no longer
    needed CFLAGS+= and USE_CSTD knobs.

    Security:       CVE-2021-41072 [1]
    PR:             256790 [2], 261334

 sysutils/squashfs-tools/Makefile             | 30 +++++++++++++++++-----------
 sysutils/squashfs-tools/distinfo             |  6 +++---
 sysutils/squashfs-tools/files/patch-Makefile | 22 ++++++++++++--------
 3 files changed, 35 insertions(+), 23 deletions(-)