[liblzma] update to version 5.4.4

[carsten-grimm]

Fixes #34305.

• Changes comply with the maintainer guide
• SHA512s are updated for each updated download
• The "supports" clause reflects platforms that may be fixed by this new version
• Any fixed CI baseline entries are removed from that file.
• Any patches that are no longer applied are deleted from the port's directory.
• The version database is fixed by rerunning ./vcpkg x-add-version --all and committing the result.
• Only one version is added to each modified port's versions file.

[BillyONeal]

Thanks for the update!

[Neustradamus]

@carsten-grimm: Can you update to 5.6.0?

• https://github.com/tukaani-project/xz/releases

I have done a ticket here:

• [liblzma] update to 5.6.0 #37197

Note: There was a 5.4.5 too.

Thanks in advance.

[Neustradamus]

Warning, some people attack me because I have requested the XZ update.
I am not linked to the XZ project.

[carsten-grimm]

Warning, some people attack me because I have requested the XZ update. I am not linked to the XZ project.

@Neustradamus , I hope you did not mistake my post as an attack. It was never meant as such. I was/am worried that you might be affected by the backdoor and need to take measures on your end.

If you meant that somebody else was attacking you, then that is just silly. They might as well attack me for updating the version here without noticing a backdoor that was not even directly included in the source code from what I understand.

[Neustradamus]

@carsten-grimm: No problem with you!

I have received (and have seen several messages) against me because I have requested the liblzma/XZ update with the backdoor.

Some people are really not correct and mix all.

Since a very long time, I do announcements of new project releases and at the same time, I request updates...

I have done the CVE-2024-3094 announcement and specified to quickly revert.

I repeat to all, I am not linked with XZ project.

[Neustradamus]

@teo-tsirpanis has done a PR about the new XZ version (5.6.2) here:

• [liblzma] Update to version 5.6.2. #39024

cc: @carsten-grimm.

Linked to:

• [liblzma] Unable to download "xz" caused install falied #37893
• Revert [liblzma] update to version 5.6.0 (#37199) #37841
• [liblzma] port uses compromised version #37839
• [liblzma] update to version 5.6.0 #37199
• [liblzma] update to 5.6.0 #37197
• [liblzma] update to version 5.4.4 #34306

Official XZ links:

• https://tukaani.org/
• https://tukaani.org/xz/
• https://tukaani.org/xz/#_stable
• https://tukaani.org/xz-backdoor/
• https://github.com/tukaani-project/
• https://github.com/tukaani-project/xz