libtar - /branches/

Rev 35 -- [SECURITY] CVE-2013-4420.patch: Strip out leading slashes and any pathname prefix ...

magnus — Sun, 16 Feb 2014 19:12:41 +0100

magnus -- 3 file(s) modified
[SECURITY] CVE-2013-4420.patch: Strip out leading slashes and any
pathname prefix containing ".." components (Closes: #731860). This is
done in th_get_pathname() (as well as to symlink targets when
extracting symlinks), not merely when extracting files, which means
applications calling that function will not see the stored
filename. There is no way to disable this behaviour, but it can be
expected that one will be provided when the issue is solved upstream.

~ /branches/wheezy/debian/changelog
+ /branches/wheezy/debian/patches/CVE-2013-4420.patch
~ /branches/wheezy/debian/patches/series

Rev 27 -- [SECURITY] size_t-overflow_cve-2013-4397.patch: Fix CVE-2013-4397: Integer overflow (Closes: #725938).

magnus — Sat, 15 Feb 2014 22:19:53 +0100

magnus -- 3 file(s) modified
[SECURITY] size_t-overflow_cve-2013-4397.patch: Fix CVE-2013-4397:
Integer overflow (Closes: #725938).

~ /branches/wheezy/debian/changelog
~ /branches/wheezy/debian/patches/series
+ /branches/wheezy/debian/patches/size_t-overflow_cve-2013-4397.patch

Rev 21 -- Create wheezy branch

magnus — Thu, 10 Oct 2013 19:34:38 +0200

magnus -- 1 file(s) modified
Create wheezy branch

+ /branches/wheezy (copied from /tags/1.2.16-1@20)

Rev 20 -- Create branches directory

magnus — Thu, 10 Oct 2013 19:34:32 +0200

magnus -- 1 file(s) modified
Create branches directory

+ /branches