libarchive: add v3.7.5, v3.7.6 (fix CVEs) (#46940)

* libarchive: add v3.7.5, v3.7.6 (fix CVEs) * [@spackbot] updating style on behalf of wdconinc --------- Co-authored-by: wdconinc <wdconinc@users.noreply.github.com>
author: Wouter Deconinck <wdconinc@gmail.com> 2024-10-13 04:37:51 -0500
committer: GitHub <noreply@github.com> 2024-10-13 03:37:51 -0600
commit: 0dded55f39a737f48f7b98dca312cfe314db38c0 (patch)
tree: 4749b2da9711ad177ec94b616f90e2ff9be8412f /var
parent: a4ca6452c0343e4860772ae4d3527efab6dbd7bd (diff)
download: spack-0dded55f39a737f48f7b98dca312cfe314db38c0.tar.gz
spack-0dded55f39a737f48f7b98dca312cfe314db38c0.tar.bz2
spack-0dded55f39a737f48f7b98dca312cfe314db38c0.tar.xz
spack-0dded55f39a737f48f7b98dca312cfe314db38c0.zip
1 files changed, 34 insertions, 6 deletions
diff --git a/var/spack/repos/builtin/packages/libarchive/package.py b/var/spack/repos/builtin/packages/libarchive/package.py
index 196f97ad95..124b8a25f0 100644
--- a/var/spack/repos/builtin/packages/libarchive/package.py
+++ b/var/spack/repos/builtin/packages/libarchive/package.py
@@ -17,14 +17,42 @@ class Libarchive(AutotoolsPackage):
 
     license("BSD-2-Clause AND BSD-3-Clause AND Public-Domain")
 
-    version("3.7.4", sha256="7875d49596286055b52439ed42f044bd8ad426aa4cc5aabd96bfe7abb971d5e8")
-    version("3.7.3", sha256="f27a97bc22ceb996e72502df47dc19f99f9a0f09181ae909f09f3c9eb17b67e2")
-    version("3.7.2", sha256="df404eb7222cf30b4f8f93828677890a2986b66ff8bf39dac32a804e96ddf104")
-    version("3.7.1", sha256="5d24e40819768f74daf846b99837fc53a3a9dcdf3ce1c2003fe0596db850f0f0")
-    version("3.7.0", sha256="d937886a14b48c4287c4d343644feb294a14b31b7926ba9a4f1777123ce7c2cc")
-    version("3.6.2", sha256="ba6d02f15ba04aba9c23fd5f236bb234eab9d5209e95d1c4df85c44d5f19b9b3")
+    version("3.7.6", sha256="b4071807367b15b72777c2eaac80f42c8ea2d20212ab279514a19fe1f6f96ef4")
+    version("3.7.5", sha256="37556113fe44d77a7988f1ef88bf86ab68f53d11e85066ffd3c70157cc5110f1")
 
     # Deprecated versions
+    # https://nvd.nist.gov/vuln/detail/CVE-2024-48957
+    version(
+        "3.7.4",
+        sha256="7875d49596286055b52439ed42f044bd8ad426aa4cc5aabd96bfe7abb971d5e8",
+        deprecated=True,
+    )
+    version(
+        "3.7.3",
+        sha256="f27a97bc22ceb996e72502df47dc19f99f9a0f09181ae909f09f3c9eb17b67e2",
+        deprecated=True,
+    )
+    version(
+        "3.7.2",
+        sha256="df404eb7222cf30b4f8f93828677890a2986b66ff8bf39dac32a804e96ddf104",
+        deprecated=True,
+    )
+    version(
+        "3.7.1",
+        sha256="5d24e40819768f74daf846b99837fc53a3a9dcdf3ce1c2003fe0596db850f0f0",
+        deprecated=True,
+    )
+    version(
+        "3.7.0",
+        sha256="d937886a14b48c4287c4d343644feb294a14b31b7926ba9a4f1777123ce7c2cc",
+        deprecated=True,
+    )
+    version(
+        "3.6.2",
+        sha256="ba6d02f15ba04aba9c23fd5f236bb234eab9d5209e95d1c4df85c44d5f19b9b3",
+        deprecated=True,
+    )
+
     # https://nvd.nist.gov/vuln/detail/CVE-2021-31566
     version(
         "3.5.2",
author	Wouter Deconinck <wdconinc@gmail.com>	2024-10-13 04:37:51 -0500
committer	GitHub <noreply@github.com>	2024-10-13 03:37:51 -0600
commit	0dded55f39a737f48f7b98dca312cfe314db38c0 (patch)
tree	4749b2da9711ad177ec94b616f90e2ff9be8412f /var
parent	a4ca6452c0343e4860772ae4d3527efab6dbd7bd (diff)
download	spack-0dded55f39a737f48f7b98dca312cfe314db38c0.tar.gz spack-0dded55f39a737f48f7b98dca312cfe314db38c0.tar.bz2 spack-0dded55f39a737f48f7b98dca312cfe314db38c0.tar.xz spack-0dded55f39a737f48f7b98dca312cfe314db38c0.zip