diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/app-arch/libarchive/0001-Handle-truncation-in-the-middle-of-a-GNU-long-linkname.patch b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/app-arch/libarchive/0001-Handle-truncation-in-the-middle-of-a-GNU-long-linkname.patch deleted file mode 100644 index a998542542..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/app-arch/libarchive/0001-Handle-truncation-in-the-middle-of-a-GNU-long-linkname.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 82912103214506316bd9990d73f33d743d55f570 Mon Sep 17 00:00:00 2001 -From: Tim Kientzle -Date: Mon, 9 Dec 2024 21:09:29 -0800 -Subject: [PATCH] Handle truncation in the middle of a GNU long linkname - (#2422) -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Thanks to gbdngb12 김동건 for reporting this. - -Resolves Issue #2415 ---- - libarchive/archive_read_support_format_tar.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/libarchive/archive_read_support_format_tar.c b/libarchive/archive_read_support_format_tar.c -index 4aaf1b90ce..b1344ae57d 100644 ---- a/libarchive/archive_read_support_format_tar.c -+++ b/libarchive/archive_read_support_format_tar.c -@@ -1146,7 +1146,9 @@ header_gnu_longlink(struct archive_read *a, struct tar *tar, - struct archive_string linkpath; - archive_string_init(&linkpath); - err = read_body_to_string(a, tar, &linkpath, h, unconsumed); -- archive_entry_set_link(entry, linkpath.s); -+ if (err == ARCHIVE_OK) { -+ archive_entry_set_link(entry, linkpath.s); -+ } - archive_string_free(&linkpath); - return (err); - } diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/app-arch/libarchive/README.md b/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/app-arch/libarchive/README.md deleted file mode 100644 index ba76d80f31..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos/user-patches/app-arch/libarchive/README.md +++ /dev/null @@ -1,5 +0,0 @@ -The -`0001-Handle-truncation-in-the-middle-of-a-GNU-long-linkname.patch` -patch addresses CVE-2024-57970. Currently it is only a part of the -master branch so this patch could be dropped when updating to either -3.8.0 or 3.7.8.