lha 1.14i_6 archivers =238

Archive files using LZSS and Huffman compression (.lzh files)
Maintained by: dinoex@FreeBSD.org
Port Added: unknown

---

---

     LHa for UNIX

     This unofficial version of lha is based on Version 1.00.  This
version supports extraction & archiving using -lh5- & -lh6- as well as
extraction using -lh7- algorithm.

     All the bug reports on this version should be directed to Tsuguo
Okamoto <tsugio@muc.biglobe.ne.jp>.


     If this software is included in a medium that may be obtained by
users without network connectivity, please notify Tsuguo Okamoto in
advance.  Redistribution over networks is not restricted.

     According to Masafumi NAKANE <max@wide.ad.jp> the author gives
permission to distribute this software on FreeBSD CDROM.

WWW: http://www2m.biglobe.ne.jp/~dolphin/lha/lha.htm

CVSWeb : Sources : Main Web Site : Distfiles Availability : PortsMon

---

To install the port: cd /usr/ports/archivers/lha/ && make install clean
To add the package: pkg_add -r lha

---

Configuration Options

     No options to configure

---

Master Sites:

http://www2m.biglobe.ne.jp/~dolphin/lha/prog/

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/

- add SHA checksum

- Security Fix
possible off by one bounds check
Submitted by:   Munehiro Matsuda
Approved by:    portmgr (marcus)

- Security fix
Submitted by:   eik
Approved by:    portmgr (eik)
Obtained from:  redhat

Unmark FORBIDEN and bump PORTREVISION now that the patches to fix
those vulnerabilities have been added.

- Security Fix: symlink vulnerability
patch from:
ftp://updates.redhat.com/9/en/os/SRPMS/lha-1.14i-9.1.src.rpm"

- Security Fix: two stack buffer overflows and two directory traversal flaws

patch from: Ulf Haernhammar
http://lists.netsys.com/pipermail/full-disclosure/2004-May/020776.html
CAN-2004-0234 CAN-2004-0235

Mark FORBIDDEN again, since the previous commit did not fix anything..

- Security Fix: two stack buffer overflows and two directory traversal flaws
patch from: Ulf H?rnhammar
http://lists.netsys.com/pipermail/full-disclosure/2004-May/020776.html
CAN-2004-0234 CAN-2004-0235

- Security Fix: symlink vulnerability
patch from:
ftp://updates.redhat.com/9/en/os/SRPMS/lha-1.14i-9.1.src.rpm"

Mark FORBIDDEN due to exploitable buffer overflows and path handling
issues.
http://vuxml.freebsd.org/a2ffb627-9c53-11d8-9366-0020ed76ef5a.html

- add SIZE

Use PLIST_FILES (bento-tested, marcus-reviewed).

- take maintainership

portlint (fix whitespace)

Fix comment info about compression.
Drop maintainership, I don't understand Japanese.

PR:             57392
Submitted by:   IIJIMA Hiromitsu <delmonta@ht.sakura.ne.jp>

Include <stdlib.h> for malloc() prototype

Submitted by:   tjr

Clear moonlight beckons.
Requiem mors pacem pkg-comment,
And be calm ports tree.

E Nomini Patri, E Fili, E Spiritu Sancti.

Removed unreachable ftp-site.
Noticed by: portvurvey.

Fix install.

Requested by:   kris

Massive style enforcement - use ^I instead of spaces for variables identation.  
 

Upgrade to 1.14i    

Upgrade to 1.14h    

Convert archivers category to new layout.  

Uncomment NEED_INCREMENTAL_INDICATOR    

Put some missing flags back    

Update to version 1.14g    

5 vulnerabilities affecting 16 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities