Created attachment 231155 [details]
patch to upgrade squashfs-tools
Find attached my attempt tu update squashfs-tools to the latest released version.
The full changelog is available here: https://github.com/plougher/squashfs-tools/blob/master/README-4.5
According to the upstream, on 2021-07-25, three days after releasing 4.5, an important bug had been found. A new point release would be forthcoming in the next couple of days (sooner if no other release bugs are reported). Also, we expect one regression* in 4.4 which also present in 4.5 to be fixed as well.
A commit in branch main references this bug:
Author: Alexey Dokuchaev <danfe@FreeBSD.org>
AuthorDate: 2022-03-27 10:43:52 +0000
Commit: Alexey Dokuchaev <danfe@FreeBSD.org>
CommitDate: 2022-03-27 10:43:52 +0000
sysutils/squashfs-tools: update the port to version 4.5.1 (finally)
This is a long-awaited release which fixes known security issue 
and regression when working with extended attributes .
Install more complete documentation set while here and GC no longer
needed CFLAGS+= and USE_CSTD knobs.
Security: CVE-2021-41072 
PR: 256790 , 261334
sysutils/squashfs-tools/Makefile | 30 +++++++++++++++++-----------
sysutils/squashfs-tools/distinfo | 6 +++---
sysutils/squashfs-tools/files/patch-Makefile | 22 ++++++++++++--------
3 files changed, 35 insertions(+), 23 deletions(-)