ZLib
libarchive
Our great sponsors
ZLib | libarchive | |
---|---|---|
49 | 33 | |
5,278 | 2,870 | |
- | 4.1% | |
8.9 | 8.8 | |
10 days ago | 5 days ago | |
C | C | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ZLib
- Zlib 1.3.1 Out
-
Vulnerability found after scanning debian 12 bookworm VM
A fix has been checked into the upstream git repo: https://github.com/madler/zlib/pull/843 but a release has not yet been made including it.
-
ZLib VS jdeflate - a user suggested alternative
2 projects | 25 Nov 2023
-
CVE-2023-4863: Heap buffer overflow in WebP (Chrome)
So the real issue here is that the lack of tree validation before the tree construction, I believe. I'm surprised that this check was not yet implemented (I actually checked libwebp to make sure that I was missing one). Given this blind spot, an automated test based on the domain knowledge is likely useless to catch this bug.
[1] https://github.com/madler/zlib/blob/master/examples/enough.c
-
Notes: Advanced Node.js Concepts by Stephen Grider
In the source code of the Node.js opensource project, lib folder contains JavaScript code, mostly wrappers over C++ and function definitions. On the contrary, src folder contains C++ implementations of the functions, which pulls dependencies from the V8 project, the libuv project, the zlib project, the llhttp project, and many more - which are all placed at the deps folder.
- Zlib 1.3 · madler/zlib 09155ea
- Zlib 1.3 – A Spiffy yet Delicately Unobtrusive Compression Library
- Exploring the Internals of Linux v0.01
-
Dear Pirates Donate as much as you can
Seeing the text in red got me thinking for a moment, "wow, didn't realize pirates had such love for an open-source compression library"
-
Updated packages: do Arch devs update/build the original source as is or...
cd "${srcdir}/zlib-$pkgver/contrib/minizip" make install DESTDIR="${pkgdir}" install -D -m644 "${srcdir}/zlib-$pkgver/LICENSE" "${pkgdir}/usr/share/licenses/minizip/LICENSE" # https://github.com/madler/zlib/pull/229 rm "${pkgdir}/usr/include/minizip/crypt.h"
libarchive
-
The XZ attack and timeline
29. October 2021 At this point Jia Tan pops up, and the first thing we see from him is an innocuous patch to the xz repository, and while a lot of people believe he started out trying his luck with another library also known as libarchive, this is not the case, I would bet it’s more of a backup looking at the dates, being that there are a few days in between as shown in this commit.
- Zip entry size unset now honors user requested compression level
- Suspicious libarchive pull request
-
Backdoor in upstream xz/liblzma leading to SSH server compromise
Potentially malicious commit by same author on libarchive: https://github.com/libarchive/libarchive/pull/1609
- WinRAR musste shady werden.
-
Making Amiga IFF Thumbnails Work in Linux
Full agreement, and with the addition of xpk¹/xfd² as natural extensions to that extensibility too. I see things like xfd supporting xz¹, and I'm simultaneously amazed that it exists and happy that I don't need to do xz {,de}compression on 68k ;)
I guess we have something similar-ish with libarchive⁴, but nobody(including me) has pushed the extra mile to get file dialogs to support random compression and decompression formats.
Beyond OT: I didn't realise how much stuff was still going on at aminet, but I love love LOVE that people are still dropping new car sets for Geoff Crammond's F1GP.
¹ http://aminet.net/package/util/pack/xpk_User
² http://aminet.net/package/util/pack/xfdmaster
³ http://aminet.net/package/util/pack/xfd_lzma.lha
⁴ https://www.libarchive.org/
-
WinRAR zero-day exploited since April to hack trading accounts
I don't have a preview channel install handy to check, but apparently they're using libarchive so here's the full list assuming they expose everything it supports:
https://github.com/libarchive/libarchive/wiki/LibarchiveForm...
-
Announcing Windows 11 Insider Preview Build 23493 for the Dev Channel
As announced at the Build conference back in May, this build adds native support for reading additional archive file formats using the libarchive open-source project such as
-
Poor winrar
LibarchiveFormats · libarchive/libarchive Wiki · GitHub
-
Windows 11 getting native support for 7-Zip, RAR, and GZ archives
Seems what they're using is BSD-liscensed: https://github.com/libarchive/libarchive/wiki
What are some alternatives?
zstd - Zstandard - Fast real-time compression algorithm
7z - Because 7-zip source code was in a 7z archive [mirror]
LZ4 - Extremely Fast Compression algorithm
p7zip - A new p7zip fork with additional codecs and improvements (forked from https://sourceforge.net/projects/sevenzip/ AND https://sourceforge.net/projects/p7zip/).
Snappy - A fast compressor/decompressor
fpart - Sort files and pack them into partitions
LZMA - (Unofficial) Git mirror of LZMA SDK releases
Klib - A standalone and lightweight C library
Onion - C library to create simple HTTP servers and Web Applications.
ck - Concurrency primitives, safe memory reclamation mechanisms and non-blocking (including lock-free) data structures designed to aid in the research, design and implementation of high performance concurrent systems developed in C99+.
Minizip-ng - Fork of the popular zip manipulation library found in the zlib distribution.
pixz - Parallel, indexed xz compressor