Subversion Repositories

?revision_form?Rev ?revision_input??revision_submit??revision_endform?

Rev 38 | Rev 41 | Go to most recent revision | Only display areas with differences | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 38 Rev 39
1
libtar (1.2.20-5) unstable; urgency=low
1
libtar (1.2.20-5) unstable; urgency=low
2
2
3
  * oldgnu_prefix.patch: Detect old-style GNU headers correctly (Closes:
3
  * oldgnu_prefix.patch: Detect old-style GNU headers correctly (Closes:
4
    #763119). Those appear in incremental archives and use the bytes that
4
    #763119). Those appear in incremental archives and use the bytes that
5
    the new-style headers use for the prefix field for other fields.
5
    the new-style headers use for the prefix field for other fields.
6
    Thanks to Steinar H. Gunderson.
6
    Thanks to Steinar H. Gunderson.
-
 
7
  * testsuite.patch: Add a simple test (Closes: #737258).
7
8
8
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 12 Oct 2014 21:45:42 +0200
9
 -- Magnus Holmgren <holmgren@debian.org>  Fri, 25 Mar 2016 19:10:41 +0100
9
10
10
libtar (1.2.20-4) unstable; urgency=high
11
libtar (1.2.20-4) unstable; urgency=high
11
12
12
  * no_maxpathlen.patch: Half of the part of the patch modifying
13
  * no_maxpathlen.patch: Half of the part of the patch modifying
13
    compat/dirname.c was missing, causing libtar's dirname to always
14
    compat/dirname.c was missing, causing libtar's dirname to always
14
    return NULL (except in special circumstances). Actually make it work
15
    return NULL (except in special circumstances). Actually make it work
15
    (Closes: #745352). (The reason that libtar doesn't use libc's
16
    (Closes: #745352). (The reason that libtar doesn't use libc's
16
    dirname() and basename() on some or most platforms is that the code
17
    dirname() and basename() on some or most platforms is that the code
17
    doesn't work with destructive versions of these functions).
18
    doesn't work with destructive versions of these functions).
18
19
19
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 03 May 2014 20:39:02 +0200
20
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 03 May 2014 20:39:02 +0200
20
21
21
libtar (1.2.20-3) unstable; urgency=low
22
libtar (1.2.20-3) unstable; urgency=low
22
23
23
  * no_maxpathlen.patch: Fix two grave bugs in the patch. First,
24
  * no_maxpathlen.patch: Fix two grave bugs in the patch. First,
24
    th_get_pathname would only allocate as much memory as was needed for
25
    th_get_pathname would only allocate as much memory as was needed for
25
    the first filename encountered, causing heap corruption when/if
26
    the first filename encountered, causing heap corruption when/if
26
    encountering longer filenames later. Second, two variables were mixed
27
    encountering longer filenames later. Second, two variables were mixed
27
    up in tar_append_tree(). Also, fix a potential memory leak and trim
28
    up in tar_append_tree(). Also, fix a potential memory leak and trim
28
    the patch a bit.
29
    the patch a bit.
29
  * [SECURITY] CVE-2013-4420.patch: When the prefix field is in use, the
30
  * [SECURITY] CVE-2013-4420.patch: When the prefix field is in use, the
30
    safer_name_suffix() function should certainly be applied to the
31
    safer_name_suffix() function should certainly be applied to the
31
    combination of it and the name field, not just on the name field.
32
    combination of it and the name field, not just on the name field.
32
  * th_get_size-unsigned-int.patch: Make the th_get_size() macro cast the
33
  * th_get_size-unsigned-int.patch: Make the th_get_size() macro cast the
33
    result from oct_to_int() to unsigned int. This is the right fix for
34
    result from oct_to_int() to unsigned int. This is the right fix for
34
    bug #725938 on 64-bit systems, where a specially crafted tar file
35
    bug #725938 on 64-bit systems, where a specially crafted tar file
35
    would not cause an integer overflow, but a memory allocation of almost
36
    would not cause an integer overflow, but a memory allocation of almost
36
    16 exbibytes, which would certainly fail outright without harm.
37
    16 exbibytes, which would certainly fail outright without harm.
37
38
38
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 23:51:51 +0100
39
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 23:51:51 +0100
39
40
40
libtar (1.2.20-2) unstable; urgency=low
41
libtar (1.2.20-2) unstable; urgency=low
41
42
42
  * no_static_buffers.patch: avoid using a static buffer in
43
  * no_static_buffers.patch: avoid using a static buffer in
43
    th_get_pathname(). Taken from upstream. Needed for no_maxpathlen.patch.
44
    th_get_pathname(). Taken from upstream. Needed for no_maxpathlen.patch.
44
  * no_maxpathlen.patch: Fix FTBFS on Hurd by dynamically allocating path
45
  * no_maxpathlen.patch: Fix FTBFS on Hurd by dynamically allocating path
45
    names (Closes: #657116). Thanks to Svante Signell and Petter
46
    names (Closes: #657116). Thanks to Svante Signell and Petter
46
    Reinholdtsen.
47
    Reinholdtsen.
47
  * [SECURITY] CVE-2013-4420.patch: Strip out leading slashes and any
48
  * [SECURITY] CVE-2013-4420.patch: Strip out leading slashes and any
48
    pathname prefix containing ".." components (Closes: #731860). This is
49
    pathname prefix containing ".." components (Closes: #731860). This is
49
    done in th_get_pathname() (as well as to symlink targets when
50
    done in th_get_pathname() (as well as to symlink targets when
50
    extracting symlinks), not merely when extracting files, which means
51
    extracting symlinks), not merely when extracting files, which means
51
    applications calling that function will not see the stored
52
    applications calling that function will not see the stored
52
    filename. There is no way to disable this behaviour, but it can be
53
    filename. There is no way to disable this behaviour, but it can be
53
    expected that one will be provided when the issue is solved upstream.
54
    expected that one will be provided when the issue is solved upstream.
54
  * Bump Standards-Version to 3.9.5.
55
  * Bump Standards-Version to 3.9.5.
55
56
56
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 21:49:37 +0100
57
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 21:49:37 +0100
57
58
58
libtar (1.2.20-1) unstable; urgency=high
59
libtar (1.2.20-1) unstable; urgency=high
59
60
60
  * [SECURITY] New upstream release. Fixes CVE-2013-4397: Integer
61
  * [SECURITY] New upstream release. Fixes CVE-2013-4397: Integer
61
    overflow (Closes: #725938).
62
    overflow (Closes: #725938).
62
  * Bump Standards-Version to 3.9.4.
63
  * Bump Standards-Version to 3.9.4.
63
64
64
 -- Magnus Holmgren <holmgren@debian.org>  Thu, 10 Oct 2013 19:20:49 +0200
65
 -- Magnus Holmgren <holmgren@debian.org>  Thu, 10 Oct 2013 19:20:49 +0200
65
66
66
libtar (1.2.19-1) unstable; urgency=low
67
libtar (1.2.19-1) unstable; urgency=low
67
68
68
  * New upstream release.
69
  * New upstream release.
69
70
70
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 05 May 2013 17:59:29 +0200
71
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 05 May 2013 17:59:29 +0200
71
72
72
libtar (1.2.16-1) unstable; urgency=low
73
libtar (1.2.16-1) unstable; urgency=low
73
74
74
  * New upstream: Chris Frey has stepped up with the consent of the
75
  * New upstream: Chris Frey has stepped up with the consent of the
75
    original author, Mark Roth, and published an "official unofficial" git
76
    original author, Mark Roth, and published an "official unofficial" git
76
    repo at http://repo.or.cz/w/libtar.git, which I will use for the time
77
    repo at http://repo.or.cz/w/libtar.git, which I will use for the time
77
    being.
78
    being.
78
  * Updated debian/watch to look for tags and corresponding snapshot
79
  * Updated debian/watch to look for tags and corresponding snapshot
79
    tarballs at above URL.
80
    tarballs at above URL.
80
  * All patches have been incorporated or (in the case of
81
  * All patches have been incorporated or (in the case of
81
    autoreconf.patch) made obsolete upstream.
82
    autoreconf.patch) made obsolete upstream.
82
  * debian/rules: Add build-indep and build-arch targets.
83
  * debian/rules: Add build-indep and build-arch targets.
83
  * Updated debian/copyright.
84
  * Updated debian/copyright.
84
  * Use dpkg-buildflags to set CFLAGS et al.
85
  * Use dpkg-buildflags to set CFLAGS et al.
85
  * debian/control: Add VCS fields; bump Standards-Version to 3.9.3.
86
  * debian/control: Add VCS fields; bump Standards-Version to 3.9.3.
86
87
87
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 23 Jun 2012 01:03:41 +0200
88
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 23 Jun 2012 01:03:41 +0200
88
89
89
libtar (1.2.11-8) unstable; urgency=low
90
libtar (1.2.11-8) unstable; urgency=low
90
91
91
  * libtool.patch: Set SHELL to the configured shell in those Makefile.in
92
  * libtool.patch: Set SHELL to the configured shell in those Makefile.in
92
    where libtool is used; otherwise libtool fails when /bin/sh is dash
93
    where libtool is used; otherwise libtool fails when /bin/sh is dash
93
    but bash is expected (Closes: #621935).
94
    but bash is expected (Closes: #621935).
94
  * man_hyphen_minus.patch (new): Escape hyphens that should be minus
95
  * man_hyphen_minus.patch (new): Escape hyphens that should be minus
95
    signs in man pages.
96
    signs in man pages.
96
  * Rename libtar as libtar0 to follow policy.
97
  * Rename libtar as libtar0 to follow policy.
97
98
98
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 24 Apr 2011 21:11:52 +0200
99
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 24 Apr 2011 21:11:52 +0200
99
100
100
libtar (1.2.11-7) unstable; urgency=low
101
libtar (1.2.11-7) unstable; urgency=low
101
102
102
  * New maintainer (Closes: #526618).
103
  * New maintainer (Closes: #526618).
103
  * Change source format to 3.0 (quilt), clean up Debian diff and split
104
  * Change source format to 3.0 (quilt), clean up Debian diff and split
104
    into several patches:
105
    into several patches:
105
    * libtool.patch: Using libtool to build dynamic library;
106
    * libtool.patch: Using libtool to build dynamic library;
106
    * autoreconf.patch: Changes needed to call autoreconf (bug 511741);
107
    * autoreconf.patch: Changes needed to call autoreconf (bug 511741);
107
    * memleak.patch: Fix memory leaks;
108
    * memleak.patch: Fix memory leaks;
108
    * bad_ptrtoint.patch: Document stupidity of tartype_t in libtar.c 
109
    * bad_ptrtoint.patch: Document stupidity of tartype_t in libtar.c 
109
      (bug 309945).
110
      (bug 309945).
110
  * Increase Debhelper compat level to 7.
111
  * Increase Debhelper compat level to 7.
111
  * Use dh_autoreconf to avoid having to keep track of files to clean.
112
  * Use dh_autoreconf to avoid having to keep track of files to clean.
112
  * memleak2.patch (new): Applied instead of memleak.patch. Fix memory
113
  * memleak2.patch (new): Applied instead of memleak.patch. Fix memory
113
    leak by making th_get_pathname() return a pointer to a static buffer
114
    leak by making th_get_pathname() return a pointer to a static buffer
114
    instead of a pointer to a copy of a local buffer (LP: #41804).
115
    instead of a pointer to a copy of a local buffer (LP: #41804).
115
  * Add homepage field and watch file (in case there is ever a new
116
  * Add homepage field and watch file (in case there is ever a new
116
    upstream release).
117
    upstream release).
117
  * Upgrade to Standards-Version 3.9.1.
118
  * Upgrade to Standards-Version 3.9.1.
118
119
119
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 26 Mar 2011 23:10:25 +0100
120
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 26 Mar 2011 23:10:25 +0100
120
121
121
libtar (1.2.11-6) unstable; urgency=low
122
libtar (1.2.11-6) unstable; urgency=low
122
123
123
  * Fix autotools usage (Closes: #511741)
124
  * Fix autotools usage (Closes: #511741)
124
125
125
 -- Julien Danjou <acid@debian.org>  Sat, 02 May 2009 11:33:06 +0200
126
 -- Julien Danjou <acid@debian.org>  Sat, 02 May 2009 11:33:06 +0200
126
127
127
libtar (1.2.11-5) unstable; urgency=low
128
libtar (1.2.11-5) unstable; urgency=low
128
129
129
  * New maintainer (Closes: #465889)
130
  * New maintainer (Closes: #465889)
130
  * Add missing binary-indep target in debian/rules (Closes: #395714)
131
  * Add missing binary-indep target in debian/rules (Closes: #395714)
131
  * Use ${binary:Version} instead of Source-Version
132
  * Use ${binary:Version} instead of Source-Version
132
  * Bump standard version
133
  * Bump standard version
133
  * Switch to debhelper 5
134
  * Switch to debhelper 5
134
135
135
 -- Julien Danjou <acid@debian.org>  Wed, 02 Apr 2008 07:06:55 +0200
136
 -- Julien Danjou <acid@debian.org>  Wed, 02 Apr 2008 07:06:55 +0200
136
137
137
libtar (1.2.11-4) unstable; urgency=low
138
libtar (1.2.11-4) unstable; urgency=low
138
139
139
  * Always include the newest libtool.m4.  (Closes: #313612)
140
  * Always include the newest libtool.m4.  (Closes: #313612)
140
141
141
 -- James Morrison <phython@debian.org>  Sun, 28 Aug 2005 09:41:47 -0700
142
 -- James Morrison <phython@debian.org>  Sun, 28 Aug 2005 09:41:47 -0700
142
143
143
libtar (1.2.11-3) unstable; urgency=low
144
libtar (1.2.11-3) unstable; urgency=low
144
145
145
  * Document stupidity of tartype_t in libtar.c.  (Closes: #309945)
146
  * Document stupidity of tartype_t in libtar.c.  (Closes: #309945)
146
147
147
 -- James Morrison <phython@debian.org>  Sat, 11 Jun 2005 18:23:15 -0400
148
 -- James Morrison <phython@debian.org>  Sat, 11 Jun 2005 18:23:15 -0400
148
149
149
libtar (1.2.11-2) unstable; urgency=low
150
libtar (1.2.11-2) unstable; urgency=low
150
151
151
  * Move libtar-dev to libdevel. (Closes: #188207)
152
  * Move libtar-dev to libdevel. (Closes: #188207)
152
  * Fix potential memory leak.
153
  * Fix potential memory leak.
153
154
154
 -- James Morrison <phython@debian.org>  Sun, 25 Jul 2004 12:59:08 -0700
155
 -- James Morrison <phython@debian.org>  Sun, 25 Jul 2004 12:59:08 -0700
155
156
156
libtar (1.2.11-1) unstable; urgency=low
157
libtar (1.2.11-1) unstable; urgency=low
157
158
158
  * New Upstream release.
159
  * New Upstream release.
159
160
160
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:19 -0500
161
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:19 -0500
161
162
162
libtar (1.2.10-1) unstable; urgency=low
163
libtar (1.2.10-1) unstable; urgency=low
163
164
164
  * New Upstream release.
165
  * New Upstream release.
165
     (Closes: #166602) New upstream uses autoconf 2.5x
166
     (Closes: #166602) New upstream uses autoconf 2.5x
166
  * Remove dependency on automake.  Hopefully upstream will except this
167
  * Remove dependency on automake.  Hopefully upstream will except this
167
    use of libtool.
168
    use of libtool.
168
  * Remove all -static and -shared targets from debian/rules.
169
  * Remove all -static and -shared targets from debian/rules.
169
  * Use dh_install instead of dh_movefiles.
170
  * Use dh_install instead of dh_movefiles.
170
  * -
171
  * -
171
172
172
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:16 -0500
173
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:16 -0500
173
174
174
libtar (1.2.5-4) unstable; urgency=low
175
libtar (1.2.5-4) unstable; urgency=low
175
176
176
  * New maintainer. (Closes: #154597)
177
  * New maintainer. (Closes: #154597)
177
  * WSG_ENCAP is now defined.  (Closes: #147764)
178
  * WSG_ENCAP is now defined.  (Closes: #147764)
178
  * libtar-dev depends on libc-dev instead of libc6-dev. 
179
  * libtar-dev depends on libc-dev instead of libc6-dev. 
179
180
180
 -- James Morrison <phython@debian.org>  Wed, 14 Aug 2002 23:44:16 -0400
181
 -- James Morrison <phython@debian.org>  Wed, 14 Aug 2002 23:44:16 -0400
181
182
182
libtar (1.2.5-3) unstable; urgency=low
183
libtar (1.2.5-3) unstable; urgency=low
183
184
184
  * Modify build commands to acomadate change in autoconf (Closes #147764)
185
  * Modify build commands to acomadate change in autoconf (Closes #147764)
185
186
186
 -- Glenn McGrath <bug1@debian.org>  Thu, 23 May 2002 01:06:16 +1000
187
 -- Glenn McGrath <bug1@debian.org>  Thu, 23 May 2002 01:06:16 +1000
187
188
188
libtar (1.2.5-2) unstable; urgency=low
189
libtar (1.2.5-2) unstable; urgency=low
189
190
190
  * Fix build problem (Closes #135360)
191
  * Fix build problem (Closes #135360)
191
192
192
 -- Glenn McGrath <bug1@debian.org>  Sun, 24 Feb 2002 06:29:31 +1100
193
 -- Glenn McGrath <bug1@debian.org>  Sun, 24 Feb 2002 06:29:31 +1100
193
194
194
libtar (1.2.5-1) unstable; urgency=low
195
libtar (1.2.5-1) unstable; urgency=low
195
196
196
  * New upstream version
197
  * New upstream version
197
  * Change section of libtar-dev to devel and libtar to libs
198
  * Change section of libtar-dev to devel and libtar to libs
198
199
199
 -- Glenn McGrath <bug1@debian.org>  Fri, 22 Feb 2002 04:23:15 +1100
200
 -- Glenn McGrath <bug1@debian.org>  Fri, 22 Feb 2002 04:23:15 +1100
200
201
201
libtar (1.2.4-2) unstable; urgency=low
202
libtar (1.2.4-2) unstable; urgency=low
202
203
203
  * Change section from devel to libs 
204
  * Change section from devel to libs 
204
205
205
 -- Glenn McGrath <bug1@debian.org>  Sat,  2 Feb 2002 12:12:32 +1100
206
 -- Glenn McGrath <bug1@debian.org>  Sat,  2 Feb 2002 12:12:32 +1100
206
207
207
libtar (1.2.4-1) unstable; urgency=low
208
libtar (1.2.4-1) unstable; urgency=low
208
209
209
  * Initial Release. (closes #128042)
210
  * Initial Release. (closes #128042)
210
211
211
 -- Glenn McGrath <bug1@debian.org>  Sat,  5 Jan 2002 13:24:37 +1100
212
 -- Glenn McGrath <bug1@debian.org>  Sat,  5 Jan 2002 13:24:37 +1100
212
213