The markdown parsing is broken/disabled for release notes. Sorry about that, I'm chasing the source of a crash that's been bringing this website down for the last couple of days.
- Bump minizip to 3.0.9
- Add a privacy manifest file per iOS 17+ requirements to document file API usage (thanks @lakshmankreditbee)
- Fixes #662 - CVE-2022-36943. (Thank you @imihaly)
- mz_compat updated to minizip 3.0.7
- Fixes Mac Catalyst build with bumped OS minimum requirements (Thank you @steventroughtonsmith!) #654
Reminder (This message will be dropped after this version):
Version 2.5.0+ Updates Minimum OS Versions.
A key dependency of this project is the zlib library. zlib before version 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches according to [CVE-2018-25032](https://nvd.nist.gov/vuln/detail/cve-2018-25032).
zlib 1.2.12 is included in macOS 10.15+ (with latest security patches), iOS 15.5+, tvOS 15.4+, watchOS 8.4+. As such, these OS versions will be the new minimums as of version 2.5.0 of ZipArchive.
If you need support for previous versions of ZipArchive for earlier OS support, you can target an earlier version but know you will be using an unmaintained version of this library.
* mz_compat updated to minizip 3.0.6 by @jhudsonWA in https://github.com/ZipArchive/ZipArchive/pull/647
**Builds on 2.5.1:**
Bumps the version of minizip used to 3.0.6 which includes fixes for two buffer overflow issues [fixed in 3.0.5+] **(Thank you LB who reached out via email)**
Reminder:
## Version 2.5.0+ Updates Minimum OS Versions
A key dependency of this project is the zlib library. zlib before version 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches according to [CVE-2018-25032](https://nvd.nist.gov/vuln/detail/cve-2018-25032).
zlib 1.2.12 is included in macOS 10.15+ (with latest security patches), iOS 15.5+, tvOS 15.4+, watchOS 8.4+. **As such, these OS versions will be the new minimums as of version 2.5.0 of ZipArchive.**
If you need support for previous versions of ZipArchive for earlier OS support you can target an earlier version but know you will be using an unmaintained version of this library.
Bumps the version of minizip used to 3.0.6 which includes fixes for two buffer overflow issues [fixed in 3.0.5+] **(Thank you LB who reached out via email)**
Reminder:
## Version 2.5.0+ Updates Minimum OS Versions
A key dependency of this project is the zlib library. zlib before version 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches according to [CVE-2018-25032](https://nvd.nist.gov/vuln/detail/cve-2018-25032).
zlib 1.2.12 is included in macOS 10.15+ (with latest security patches), iOS 15.5+, tvOS 15.4+, watchOS 8.4+. **As such, these OS versions will be the new minimums as of version 2.5.0 of ZipArchive.**
If you need support for previous versions of ZipArchive for earlier OS support you can target an earlier version but know you will be using an unmaintained version of this library.
We will not support versions of ZipArchive that use dependencies with known vulnerabilities.
## Version 2.5.0+ Updates Minimum OS Versions
A key dependency of this project is the zlib library. zlib before version 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches according to [CVE-2018-25032](https://nvd.nist.gov/vuln/detail/cve-2018-25032).
zlib 1.2.12 is included in macOS 10.15+ (with latest security patches), iOS 15.5+, tvOS 15.4+, watchOS 8.4+. **As such, these OS versions will be the new minimums as of version 2.5.0 of ZipArchive.**
If you need support for previous versions of ZipArchive for earlier OS support you can target an earlier version but know you will be using an unmaintained version of this library.
We will not support versions of ZipArchive that use dependencies with known vulnerabilities.
Version 2.4.3
2 years ago
Upgraded minizip to 3.0.4.
Version 2.4.2
2 years ago
Fixes:
More header/import work to help ensure previous integrations continue to work after SPM support was added. (#617) (Thank you @CLJian)
Version 2.4.1
2 years ago
Fixes:
* Restores CocoaPods includes paths to be the same as 2.2.3 (Pre-SPM) - Fixes #616, #615
Improvements:
* Moving to Github actions for CI/CD (#576) (Thank you @willson-chen) - travis-ci.org is shutting down 3/31/2021 and moving to their commercial platform. Getting credits for OSS projects is possible, but takes continual requests and maintenance.
* Provide progress handler for + (BOOL)createZipFileAtPath:withFilesAtPaths:withPassword: (#578) (Thank you @fritzt0)
Version 2.4.0
2 years ago
Improvements And Fixes:
* minizip-ng (formally minizip) upgraded to version 3.0.2 (#613)
* Can now use openForAppending to append to the zip file (#598) (Thank you @andrewreeman)
* Added support for compressing symbolic link files and keeping them as symbolic links (#560) (Thank you @willson-chen) - fixes #313, #423, #551