159 lines
6.8 KiB
Plaintext
Vendored
159 lines
6.8 KiB
Plaintext
Vendored
v0.3.1 (2016-03-29):
|
|
|
|
* This release fixes an integer underflow vulnerability in the
|
|
code for doing LZH level 3 header decodes (TALOS-CAN-0095).
|
|
Thanks go to Marcin Noga and Regina Wilson of Cisco TALOS for
|
|
reporting this vulnerability.
|
|
|
|
v0.3.0 (2015-04-20):
|
|
|
|
* PMarc -pm1- archives that contain truncated compressed data (the
|
|
decompressed length is longer than what can be read from the
|
|
compressed data) now decompress as intended. Certain archives
|
|
in the wild make the assumption that this can be done.
|
|
* LArc -lz5- archives that make use of the initial history buffer
|
|
now decompress correctly.
|
|
* The tests no longer use predictable temporary paths (thanks Jon
|
|
Dowland).
|
|
* Tests were fixed under OS X.
|
|
|
|
v0.2.0 (2013-08-04):
|
|
|
|
* Decompression of archives using the -lhx- file format supported by
|
|
unlha32.dll is now supported (thanks Multi for the patch).
|
|
* The -p (print to stdout) command line option is now supported.
|
|
* The test suite should now run correctly on Windows.
|
|
|
|
Bugs fixed:
|
|
* Bug where archives read from pipes (eg. stdin) were not extracted
|
|
beyond the first file in the archive.
|
|
* Output when using the -w (extract directory) option now correctly
|
|
matches the output of Unix lha.
|
|
|
|
v0.1.0 (2013-03-16):
|
|
|
|
* There are now test archives for OS-9 and OS-9/68k (OSK) and a
|
|
workaround for a bug in the OSK lha tool on this platform. OSK level
|
|
0 extended areas are also supported.
|
|
* Extracted files are now written using O_EXCL, which prevents
|
|
malicious symbolic links being used to redirect output.
|
|
* Directory paths containing '..' as a directory name are now
|
|
sanitized, to prevent malicious archives being able to overwrite
|
|
arbitrary files on the filesystem.
|
|
* Symbolic links are now extracted in a safer way, being created as
|
|
dummy files that are overwritten with proper symbolic links at the
|
|
end of extraction. This is the same behavior used by GNU tar to
|
|
prevent malicious use of symbolic links.
|
|
* Automake 1.13 is now properly supported (thanks Jan Engelhardt).
|
|
Processing of archives read from IPC pipes (including stdin) has
|
|
been fixed.
|
|
|
|
v0.0.7 (2012-06-02):
|
|
|
|
* Extraction and listing of Unix symbolic links is now supported.
|
|
* Decompression code for the "old" PMarc archive algorithm (-pm1-) has
|
|
been added.
|
|
* Support has been added for Unix LHA level 0 header extended areas
|
|
(so level 0 archives with Unix metadata are now listed and extracted
|
|
correctly).
|
|
* The Unix permissions field in the list output for directory entries
|
|
has been fixed.
|
|
* The library header files have been fixed so that they can be included
|
|
in C++ code.
|
|
* The LHADecoder interface, for extracting raw compressed data, has been
|
|
added to the public header files.
|
|
* The Unix LHA test archives have been regenerated and improved.
|
|
* A "ghost testing" tool has been added for testing ghost compression
|
|
algorithms such as -pm1-.
|
|
* The list output tests have been fixed to be repeatable regardless of
|
|
the current date.
|
|
* Build of the fuzzer tool has been fixed.
|
|
|
|
v0.0.6 (2012-05-17):
|
|
|
|
* When the -w option is used during extraction, the path specified
|
|
is now first created if it does not already exist.
|
|
* The command line tool now exits with a failure return code if an
|
|
error occurs during extraction.
|
|
* A "catch-all" header file (lhasa.h) has been added.
|
|
* The public header files installed with the library can now be
|
|
included and used externally.
|
|
* A pkgconfig file is now installed as part of the library
|
|
(thanks Jan Engelhardt).
|
|
* Make targets have been added for building Doxygen documentation
|
|
and including them as part of the distribution.
|
|
|
|
v0.0.5 (2012-05-08):
|
|
|
|
* Architecture-specific functions for running on Windows have now been
|
|
fully implemented, and the command line tool passes all tests in the
|
|
test suite on Windows (thanks roytam1 for bug reports).
|
|
* Bug fixed where the command line tool would enter an infinite loop
|
|
when extracting a truncated archive (thanks Jon Dowland).
|
|
* Support added for archives with level 0 headers and Unix path
|
|
separators (thanks roytam1).
|
|
* The test suite now runs correctly outside of the Europe/London time
|
|
zone (thanks Thomas Klausner).
|
|
* A .spec file is now included for building rpm packages.
|
|
|
|
v0.0.4 (2012-05-01):
|
|
|
|
* Special handling is now included for MacBinary headers generated
|
|
by MacLHA.
|
|
* The -w command line option was broken; it has been fixed.
|
|
* A bug has been fixed where the timestamp and other metadata was
|
|
not set properly for extracted directories.
|
|
* Failures to set the UID/GID of extracted files are now ignored,
|
|
rather than being treated as a fatal error.
|
|
* Self-extracting archive files with long headers (up to 64KiB)
|
|
are now supported. This fixes the handling with some Windows
|
|
archives.
|
|
* A Unix manpage has been added.
|
|
* It is now possible to extract an archive from stdin, by using '-'
|
|
as the filename.
|
|
* The shorthand command line syntax "lha foo.lzh" to list an archive
|
|
is now supported.
|
|
* A bug with the wildcard pattern matching code has been fixed.
|
|
* Proper regression tests have now been added for command line
|
|
archive extraction.
|
|
* A set of archives generated by LHmelt (Windows) have been added to
|
|
the test suite.
|
|
* The regression tests for testing file header parsing and CRC checks
|
|
have been rewritten.
|
|
|
|
v0.0.3 (2012-04-22):
|
|
|
|
Third beta release.
|
|
|
|
* A fix has been added for a bug where missing parent directories
|
|
were not being created properly.
|
|
* Regression testing archives have been added from MacLHA v2.24.
|
|
* In order to support MacLHA archives, code has been added that
|
|
heuristically detects the MacBinary headers added by MacLHA
|
|
and strips them off.
|
|
|
|
v0.0.2 (2012-04-17):
|
|
|
|
Second beta release.
|
|
|
|
* This version adds support for level 2 and 3 file headers. Lhasa
|
|
should now be capable of decompressing most, if not all archives
|
|
found in the wild.
|
|
* A fuzz testing framework has been added for testing the
|
|
decompression code. A couple of bugs have been fixed as a result
|
|
of this.
|
|
|
|
v0.0.1 (2012-04-06):
|
|
|
|
Initial version. This should be considered beta code, although this
|
|
first version should already be capable of extracting the majority of
|
|
archive files found in the wild. The main missing features are:
|
|
|
|
* Lack of support for level 2 and 3 file headers.
|
|
* Inability to create archives (only extract them).
|
|
|
|
These are features that I aim to add in future releases. Other future
|
|
features can be found in the TODO file.
|
|
|
|
# vim: tw=75
|