diff --git a/composer.lock b/composer.lock
index 68aabb311..5b6d1cc08 100644
--- a/composer.lock
+++ b/composer.lock
@@ -2265,16 +2265,16 @@
},
{
"name": "pear/archive_tar",
- "version": "1.4.14",
+ "version": "1.5.0",
"source": {
"type": "git",
"url": "https://github.com/pear/Archive_Tar.git",
- "reference": "4d761c5334c790e45ef3245f0864b8955c562caa"
+ "reference": "b439c859564f5cbb0f64ad6002d0afe84a889602"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/pear/Archive_Tar/zipball/4d761c5334c790e45ef3245f0864b8955c562caa",
- "reference": "4d761c5334c790e45ef3245f0864b8955c562caa",
+ "url": "https://api.github.com/repos/pear/Archive_Tar/zipball/b439c859564f5cbb0f64ad6002d0afe84a889602",
+ "reference": "b439c859564f5cbb0f64ad6002d0afe84a889602",
"shasum": ""
},
"require": {
@@ -2305,7 +2305,7 @@
"./"
],
"license": [
- "BSD-3-Clause"
+ "BSD-2-Clause"
],
"authors": [
{
@@ -2331,17 +2331,7 @@
"issues": "http://pear.php.net/bugs/search.php?cmd=display&package_name[]=Archive_Tar",
"source": "https://github.com/pear/Archive_Tar"
},
- "funding": [
- {
- "url": "https://github.com/mrook",
- "type": "github"
- },
- {
- "url": "https://www.patreon.com/michielrook",
- "type": "patreon"
- }
- ],
- "time": "2021-07-20T13:53:39+00:00"
+ "time": "2024-03-16T16:21:40+00:00"
},
{
"name": "pear/console_getopt",
diff --git a/composer/installed.json b/composer/installed.json
index 0de3a8b6b..2d8458a1e 100644
--- a/composer/installed.json
+++ b/composer/installed.json
@@ -2358,17 +2358,17 @@
},
{
"name": "pear/archive_tar",
- "version": "1.4.14",
- "version_normalized": "1.4.14.0",
+ "version": "1.5.0",
+ "version_normalized": "1.5.0.0",
"source": {
"type": "git",
"url": "https://github.com/pear/Archive_Tar.git",
- "reference": "4d761c5334c790e45ef3245f0864b8955c562caa"
+ "reference": "b439c859564f5cbb0f64ad6002d0afe84a889602"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/pear/Archive_Tar/zipball/4d761c5334c790e45ef3245f0864b8955c562caa",
- "reference": "4d761c5334c790e45ef3245f0864b8955c562caa",
+ "url": "https://api.github.com/repos/pear/Archive_Tar/zipball/b439c859564f5cbb0f64ad6002d0afe84a889602",
+ "reference": "b439c859564f5cbb0f64ad6002d0afe84a889602",
"shasum": ""
},
"require": {
@@ -2383,7 +2383,7 @@
"ext-xz": "Lzma2 compression support.",
"ext-zlib": "Gzip compression support."
},
- "time": "2021-07-20T13:53:39+00:00",
+ "time": "2024-03-16T16:21:40+00:00",
"type": "library",
"extra": {
"branch-alias": {
@@ -2401,7 +2401,7 @@
"./"
],
"license": [
- "BSD-3-Clause"
+ "BSD-2-Clause"
],
"authors": [
{
@@ -2427,16 +2427,6 @@
"issues": "http://pear.php.net/bugs/search.php?cmd=display&package_name[]=Archive_Tar",
"source": "https://github.com/pear/Archive_Tar"
},
- "funding": [
- {
- "url": "https://github.com/mrook",
- "type": "github"
- },
- {
- "url": "https://www.patreon.com/michielrook",
- "type": "patreon"
- }
- ],
"install-path": "../pear/archive_tar"
},
{
diff --git a/composer/installed.php b/composer/installed.php
index 3d04d65ae..8c2889d9d 100644
--- a/composer/installed.php
+++ b/composer/installed.php
@@ -3,7 +3,7 @@
'name' => 'nextcloud/3rdparty',
'pretty_version' => 'dev-master',
'version' => 'dev-master',
- 'reference' => '0ee07d2de6dd4c126c1c34ef18c9e5a4cd16a63e',
+ 'reference' => '9cc1b0eca17eac65fbbe9141df52b60320f24d5d',
'type' => 'library',
'install_path' => __DIR__ . '/../',
'aliases' => array(),
@@ -292,7 +292,7 @@
'nextcloud/3rdparty' => array(
'pretty_version' => 'dev-master',
'version' => 'dev-master',
- 'reference' => '0ee07d2de6dd4c126c1c34ef18c9e5a4cd16a63e',
+ 'reference' => '9cc1b0eca17eac65fbbe9141df52b60320f24d5d',
'type' => 'library',
'install_path' => __DIR__ . '/../',
'aliases' => array(),
@@ -317,9 +317,9 @@
'dev_requirement' => false,
),
'pear/archive_tar' => array(
- 'pretty_version' => '1.4.14',
- 'version' => '1.4.14.0',
- 'reference' => '4d761c5334c790e45ef3245f0864b8955c562caa',
+ 'pretty_version' => '1.5.0',
+ 'version' => '1.5.0.0',
+ 'reference' => 'b439c859564f5cbb0f64ad6002d0afe84a889602',
'type' => 'library',
'install_path' => __DIR__ . '/../pear/archive_tar',
'aliases' => array(),
diff --git a/pear/archive_tar/Archive/Tar.php b/pear/archive_tar/Archive/Tar.php
index 3356ad6ac..03daa39f0 100644
--- a/pear/archive_tar/Archive/Tar.php
+++ b/pear/archive_tar/Archive/Tar.php
@@ -280,7 +280,7 @@ public function __destruct()
* single string with names separated by a single
* blank space.
*
- * @return true on success, false on error.
+ * @return bool true on success, false on error.
* @see createModify()
*/
public function create($p_filelist)
@@ -300,7 +300,7 @@ public function create($p_filelist)
* single string with names separated by a single
* blank space.
*
- * @return true on success, false on error.
+ * @return bool true on success, false on error.
* @see createModify()
* @access public
*/
@@ -443,7 +443,7 @@ public function createModify($p_filelist, $p_add_dir, $p_remove_dir = '')
* each element in the list, when
* relevant.
*
- * @return true on success, false on error.
+ * @return bool true on success, false on error.
*/
public function addModify($p_filelist, $p_add_dir, $p_remove_dir = '')
{
@@ -496,7 +496,7 @@ public function addModify($p_filelist, $p_add_dir, $p_remove_dir = '')
* gid => the group ID of the file
* (default = 0 = root)
*
- * @return true on success, false on error.
+ * @return bool true on success, false on error.
*/
public function addString($p_filename, $p_string, $p_datetime = false, $p_params = array())
{
@@ -622,7 +622,7 @@ public function extractInString($p_filename)
* @param boolean $p_preserve Preserve user/group ownership of files
* @param boolean $p_symlinks Allow symlinks.
*
- * @return true on success, false on error.
+ * @return bool true on success, false on error.
* @see extractModify()
*/
public function extractList($p_filelist, $p_path = '', $p_remove_path = '', $p_preserve = false, $p_symlinks = true)
@@ -660,7 +660,7 @@ public function extractList($p_filelist, $p_path = '', $p_remove_path = '', $p_p
* list of parameters, in the format attribute code + attribute values :
* $arch->setAttribute(ARCHIVE_TAR_ATT_SEPARATOR, ',');
*
- * @return true on success, false on error.
+ * @return bool true on success, false on error.
*/
public function setAttribute()
{
@@ -2115,7 +2115,7 @@ public function _extractList(
if ($v_extract_file) {
if ($v_header['typeflag'] == "5") {
if (!@file_exists($v_header['filename'])) {
- if (!@mkdir($v_header['filename'], 0777)) {
+ if (!@mkdir($v_header['filename'], 0775)) {
$this->_error(
'Unable to create directory {'
. $v_header['filename'] . '}'
@@ -2448,7 +2448,7 @@ public function _dirCheck($p_dir)
return false;
}
- if (!@mkdir($p_dir, 0777)) {
+ if (!@mkdir($p_dir, 0775)) {
$this->_error("Unable to create directory '$p_dir'");
return false;
}
diff --git a/pear/archive_tar/package.xml b/pear/archive_tar/package.xml
index d4f20bd4b..a997f41d8 100644
--- a/pear/archive_tar/package.xml
+++ b/pear/archive_tar/package.xml
@@ -24,6 +24,12 @@ Also Lzma2 compressed archives are supported with xz extension.
Michiel Rook
mrook
mrook@php.net
+ no
+
+
+ Drew Webber
+ mcdruid
+ drew@mcdruid.co.uk
yes
@@ -32,11 +38,10 @@ Also Lzma2 compressed archives are supported with xz extension.
stig@php.net
no
- 2021-07-20
-
+ 2024-03-16
- 1.4.14
- 1.4.0
+ 1.5.0
+ 1.5.0
stable
@@ -44,7 +49,8 @@ Also Lzma2 compressed archives are supported with xz extension.
New BSD License
-* Properly fix symbolic link path traversal (CVE-2021-32610)
+* PR #42: fix @return true... to @return bool true... on some functions
+* PR #46: use 775 default for mkdirs, to avoid world-write
@@ -74,6 +80,37 @@ Also Lzma2 compressed archives are supported with xz extension.
+
+
+ 1.5.0
+ 1.5.0
+
+
+ stable
+ stable
+
+ 2024-03-16
+ New BSD License
+
+ * PR #42: fix @return true... to @return bool true... on some functions
+ * PR #46: use 775 default for mkdirs, to avoid world-write
+
+
+
+
+ 1.4.14
+ 1.4.0
+
+
+ stable
+ stable
+
+ 2021-02-16
+ New BSD License
+
+ * Properly fix symbolic link path traversal (CVE-2021-32610)
+
+
1.4.13