Packages changed: gpgme (1.13.0 -> 1.13.1) libarchive (3.3.3 -> 3.4.0) === Details === ==== gpgme ==== Version update (1.13.0 -> 1.13.1) - gpgme 1.13.1: * core: At debug levels up to 9 print only an ascii dump. * core: Add commented debug helper to posix-io.c. * core: Fix error return value of _gpgme_run_io_cb. * core: Prettify _gpgme_io_select debug output again and fix TRACE_SYSRES. * core: Improve the debug messages even more. * core: Avoid explicit locks in the debug code. * json: Print "nan", "-inf", "inf" if needed. * json: Improve handling of large exponents in the JSON parsor. * core: Implement recpstring option parsing for gpgsm. * core: Make gpgme_op_encrypt_ext work for CMS. * python: Fix typo in DecryptionError exception. * python: Make EXTRA_DIST files explicit. * Python, doc: Minor style improvement. * Always use maintainer mode -Wno cflags. * cpp: Fix initialization warning. * python: stop raising BadSignatures from decrypt(verify=True) * cpp: Add wrapper for gpgme_set_global_flag. * core: Fix duplication of close_notify_handler for gpgsm. ==== libarchive ==== Version update (3.3.3 -> 3.4.0) - Update to version 3.4.0 * Support for file and directory symlinks on Windows * Read support for RAR 5.0 archives * Read support for ZIPX archives with xz, lzma, ppmd8 and bzip2 compression * Support for non-recursive list and extract * New tar option: --exclude-vcs * Improved file attribute support on Linux and file flags support on FreeBSD * Fix reading Android APK archives (#1055 ) * Fix problems related to unreadable directories (#1167) * A two-digit number of OSS-Fuzz issues was resolved in this release - Add libarchive.keyring and validate the tarball signature - Drop all security patches, fixed upstream: * CVE-2018-1000877.patch * CVE-2018-1000878.patch * CVE-2018-1000879.patch * CVE-2018-1000880.patch * CVE-2019-1000019.patch * CVE-2019-1000020.patch