Fixes the following security issues:
- 7zip reader: fix PPMD read beyond boundary (#1671)
- ZIP reader: fix possible out of bounds read (OSS-Fuzz 38766 #1672)
- ISO reader: fix possible heap buffer overflow in read_children() (OSS-Fuzz 38764, #1685)
- RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in libarchive 3.6.0)
- fix heap use after free in archive_read_format_rar_read_data() (OSS-Fuzz 44547, 52efa50)
- fix null dereference in read_data_compressed() (OSS-Fuzz 44843, 1271f77)
- fix heap user after free in run_filters() (OSS-Fuzz 46279, #1715)
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit a33130d964)
[Peter: adjust commit message to make it clear that this is a security bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
bb62363012