Skip to content

Squashfs tools 4.5.1

Compare
Choose a tag to compare
@plougher plougher released this 17 Mar 19:53
· 952 commits to master since this release

This release adds Manpages, a fix for CVE-2021-41072 and the usual minor
improvements and bug fixes.

1. Major improvements

	1.1 This release adds Manpages for Mksquashfs(1), Unsquashfs(1),
	    Sqfstar(1) and Sqfscat(1).
	1.2 The -help text output from the utilities has been improved
	    and extended as well (but the Manpages are now more
	    comprehensive).
	1.3 CVE-2021-41072 which is a writing outside of destination
	    exploit, has been fixed.

2. Minor improvements

	2.1 The number of hard-links in the filesystem is now also
	    displayed by Mksquashfs in the output summary.
	2.2 The number of hard-links written by Unsquashfs is now
	    also displayed in the output summary.
	2.3 Unsquashfs will now write to a pre-existing destination
	    directory, rather than aborting.
	2.4 Unsquashfs now allows "." to used as the destination, to
	    extract to the current directory.
	2.5 The Unsquashfs progress bar now tracks empty files and
	    hardlinks, in addition to data blocks.
	2.6 -no-hardlinks option has been implemented for Sqfstar.
	2.7 More sanity checking for "corrupted" filesystems, including
	    checks for multiply linked directories and directory loops.
	2.8 Options that may cause filesystems to be unmountable have
	    been moved into a new "experts" category in the Mksquashfs
	    help text (and Manpage).

3. Bug fixes

	3.1 Maximum cpiostyle filename limited to PATH_MAX.  This
	    prevents attempts to overflow the stack, or cause system
	    calls to fail with a too long pathname.
	3.2 Don't always use "max open file limit" when calculating
	    length of queues, as a very large file limit can cause
	    Unsquashfs to abort.  Instead use the smaller of max open
	    file limit and cache size.
	3.3 Fix Mksquashfs silently ignoring Pseudo file definitions
	    when appending.
	3.4 Don't abort if no XATTR support has been built in, and
	    there's XATTRs in the filesystem.  This is a regression
	    introduced in 2019 in Version 4.4.
	3.5 Fix duplicate check when the last file block is sparse.