[liblzma] update to 5.6.0 #37197
Comments
Neustradamus
added
the
category:port-update
Fixes #37197. - [x] Changes comply with the [maintainer guide](https://github.com/microsoft/vcpkg-docs/blob/main/vcpkg/contributing/maintainer-guide.md). - [x] SHA512s are updated for each updated download. - [x] The "supports" clause reflects platforms that may be fixed by this new version. - [x] Any fixed [CI baseline](https://github.com/microsoft/vcpkg/blob/master/scripts/ci.baseline.txt) entries are removed from that file. - [x] Any patches that are no longer applied are deleted from the port's directory. - [x] The version database is fixed by rerunning `./vcpkg x-add-version --all` and committing the result. - [x] Only one version is added to each modified port's versions file. The update to version 5.6.0, includes the following changes * the patches were adapted for changes in the new version (I cannot check if the patch for iOS support was adapted correctly) * the new tools `lzmadec` and `lzmainfo` are handled in the same manner as the existing tools `xz` and `xzdec` * ~nls was disabled to sidestep an issue with installing the man pages~ * ~a new feature `nls` was added to enable native language support. This was necessary to handle a new optional dependency on `gettext` so that the existing `tools` feature continues to work.~ * nls support was not added, yet. See discussion below for details. I have successfully built * `liblzma:x86-windows`, * `liblzma:x64-windows`, * `liblzma:x64-linux`, * `liblzma[tools]:x64-linux`, Note that `tools` is not supported on `windows`. Requested by @Neustradamus EDIT 1: added nls feature EDIT 2: removed nls feature again
|
hey guys.. might wanna check this dude out with the with the whole xz lib fiasco. |
|
Warning, some people attack me because I have requested the XZ update. |
|
You have unknowingly implicated yourself simply by following the bad actor on here, who is heavily suspected of using sock puppet accounts to push for |
Perhaps raising an issue would be the best course of action? |
|
@Aerocatia: Thanks for your message. The official XZ team announcement is here: Important to know: There is no problem with contributors here like @carsten-grimm. But several people mix all because I have requested the XZ update in vcpkg. @gowthamgts has participated on HN against me badly and I have commented on two places where he has commented (on my SCRAM request publications):
You can look here the original comment:
You can follow my announcements here:
The good point, people speak about SCRAM "Salted Challenge Response Authentication Mechanism" security ;) Badly, some people or projects like only old unsecure mechanisms, some would like security improvements. |
|
I have received a lot of attacks (private and public) and I am listed here, a lot of people have attacked me here: Free software's not-so-eXZellent adventure: Free software's not-so-eXZellent adventure [LWN.net] on Reddit:
This project is still alive? · Issue 234 · ifupdown-ng/ifupdown-ng on Reddit: xz-utils backdoor situation (CVE-2024-3094): @thesamesam: Dear all, I have already commented, that I have no link with XZ team, I do only request of updates, and I do announcements on social networks:
I propose you to follow me to have announcements. Examples for XZ on Twitter:
I have already done several explanation about my request of update in VCPKG to 5.4.5 and 5.6.0 etc. I have successed to have a new team for Avahi and nss-mdns, but at this time, Avahi is always UNSECURE because there are a lot of CVEs from 2021 and 2023, I have requested several times, a new release build: I have helped @EasyNetDev to have reaction of dormant ifupdown-ng team because no review of PRs, etc. |
Library name
liblzma
New version number
5.6.0
Other information that may be useful (release notes, etc...)
Can you update the current liblzma?
Note: There is a 5.4.5 too.
Thanks in advance.
The text was updated successfully, but these errors were encountered: