Subversion Repositories

?revision_form?Rev ?revision_input??revision_submit??revision_endform?

Rev 39 | Rev 43 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
38 magnus 1 
libtar (1.2.20-5) unstable; urgency=low
2 
 
3 
  * oldgnu_prefix.patch: Detect old-style GNU headers correctly (Closes:
4 
    #763119). Those appear in incremental archives and use the bytes that
5 
    the new-style headers use for the prefix field for other fields.
6 
    Thanks to Steinar H. Gunderson.
39 magnus 7 
  * testsuite.patch: Add a simple test (Closes: #737258).
41 magnus 8 
  * Bump Standards-Version to 3.9.7.
38 magnus 9 
 
41 magnus 10 
 -- Magnus Holmgren <holmgren@debian.org>  Fri, 25 Mar 2016 19:12:23 +0100
38 magnus 11 
 
36 magnus 12 
libtar (1.2.20-4) unstable; urgency=high
13 
 
14 
  * no_maxpathlen.patch: Half of the part of the patch modifying
15 
    compat/dirname.c was missing, causing libtar's dirname to always
16 
    return NULL (except in special circumstances). Actually make it work
17 
    (Closes: #745352). (The reason that libtar doesn't use libc's
18 
    dirname() and basename() on some or most platforms is that the code
19 
    doesn't work with destructive versions of these functions).
20 
 
21 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 03 May 2014 20:39:02 +0200
22 
 
30 magnus 23 
libtar (1.2.20-3) unstable; urgency=low
24 
 
25 
  * no_maxpathlen.patch: Fix two grave bugs in the patch. First,
26 
    th_get_pathname would only allocate as much memory as was needed for
27 
    the first filename encountered, causing heap corruption when/if
28 
    encountering longer filenames later. Second, two variables were mixed
29 
    up in tar_append_tree(). Also, fix a potential memory leak and trim
30 
    the patch a bit.
31 magnus 31 
  * [SECURITY] CVE-2013-4420.patch: When the prefix field is in use, the
32 
    safer_name_suffix() function should certainly be applied to the
33 
    combination of it and the name field, not just on the name field.
33 magnus 34 
  * th_get_size-unsigned-int.patch: Make the th_get_size() macro cast the
35 
    result from oct_to_int() to unsigned int. This is the right fix for
36 
    bug #725938 on 64-bit systems, where a specially crafted tar file
37 
    would not cause an integer overflow, but a memory allocation of almost
38 
    16 exbibytes, which would certainly fail outright without harm.
30 magnus 39 
 
33 magnus 40 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 23:51:51 +0100
30 magnus 41 
 
23 magnus 42 
libtar (1.2.20-2) unstable; urgency=low
43 
 
44 
  * no_static_buffers.patch: avoid using a static buffer in
45 
    th_get_pathname(). Taken from upstream. Needed for no_maxpathlen.patch.
29 magnus 46 
  * no_maxpathlen.patch: Fix FTBFS on Hurd by dynamically allocating path
23 magnus 47 
    names (Closes: #657116). Thanks to Svante Signell and Petter
48 
    Reinholdtsen.
24 magnus 49 
  * [SECURITY] CVE-2013-4420.patch: Strip out leading slashes and any
50 
    pathname prefix containing ".." components (Closes: #731860). This is
51 
    done in th_get_pathname() (as well as to symlink targets when
52 
    extracting symlinks), not merely when extracting files, which means
53 
    applications calling that function will not see the stored
54 
    filename. There is no way to disable this behaviour, but it can be
55 
    expected that one will be provided when the issue is solved upstream.
25 magnus 56 
  * Bump Standards-Version to 3.9.5.
23 magnus 57 
 
25 magnus 58 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 21:49:37 +0100
23 magnus 59 
 
18 magnus 60 
libtar (1.2.20-1) unstable; urgency=high
61 
 
62 
  * [SECURITY] New upstream release. Fixes CVE-2013-4397: Integer
63 
    overflow (Closes: #725938).
19 magnus 64 
  * Bump Standards-Version to 3.9.4.
18 magnus 65 
 
66 
 -- Magnus Holmgren <holmgren@debian.org>  Thu, 10 Oct 2013 19:20:49 +0200
67 
 
15 magnus 68 
libtar (1.2.19-1) unstable; urgency=low
69 
 
70 
  * New upstream release.
71 
 
72 
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 05 May 2013 17:59:29 +0200
73 
 
10 magnus 74 
libtar (1.2.16-1) unstable; urgency=low
8 magnus 75 
 
76 
  * New upstream: Chris Frey has stepped up with the consent of the
77 
    original author, Mark Roth, and published an "official unofficial" git
78 
    repo at http://repo.or.cz/w/libtar.git, which I will use for the time
79 
    being.
10 magnus 80 
  * Updated debian/watch to look for tags and corresponding snapshot
81 
    tarballs at above URL.
8 magnus 82 
  * All patches have been incorporated or (in the case of
83 
    autoreconf.patch) made obsolete upstream.
9 magnus 84 
  * debian/rules: Add build-indep and build-arch targets.
11 magnus 85 
  * Updated debian/copyright.
12 magnus 86 
  * Use dpkg-buildflags to set CFLAGS et al.
13 magnus 87 
  * debian/control: Add VCS fields; bump Standards-Version to 3.9.3.
8 magnus 88 
 
13 magnus 89 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 23 Jun 2012 01:03:41 +0200
8 magnus 90 
 
6 magnus 91 
libtar (1.2.11-8) unstable; urgency=low
92 
 
93 
  * libtool.patch: Set SHELL to the configured shell in those Makefile.in
94 
    where libtool is used; otherwise libtool fails when /bin/sh is dash
95 
    but bash is expected (Closes: #621935).
96 
  * man_hyphen_minus.patch (new): Escape hyphens that should be minus
97 
    signs in man pages.
98 
  * Rename libtar as libtar0 to follow policy.
99 
 
100 
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 24 Apr 2011 21:11:52 +0200
101 
 
5 magnus 102 
libtar (1.2.11-7) unstable; urgency=low
103 
 
104 
  * New maintainer (Closes: #526618).
105 
  * Change source format to 3.0 (quilt), clean up Debian diff and split
106 
    into several patches:
107 
    * libtool.patch: Using libtool to build dynamic library;
108 
    * autoreconf.patch: Changes needed to call autoreconf (bug 511741);
109 
    * memleak.patch: Fix memory leaks;
110 
    * bad_ptrtoint.patch: Document stupidity of tartype_t in libtar.c
111 
      (bug 309945).
112 
  * Increase Debhelper compat level to 7.
113 
  * Use dh_autoreconf to avoid having to keep track of files to clean.
114 
  * memleak2.patch (new): Applied instead of memleak.patch. Fix memory
115 
    leak by making th_get_pathname() return a pointer to a static buffer
116 
    instead of a pointer to a copy of a local buffer (LP: #41804).
117 
  * Add homepage field and watch file (in case there is ever a new
118 
    upstream release).
119 
  * Upgrade to Standards-Version 3.9.1.
120 
 
121 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 26 Mar 2011 23:10:25 +0100
122 
 
3 magnus 123 
libtar (1.2.11-6) unstable; urgency=low
124 
 
125 
  * Fix autotools usage (Closes: #511741)
126 
 
127 
 -- Julien Danjou <acid@debian.org>  Sat, 02 May 2009 11:33:06 +0200
128 
 
129 
libtar (1.2.11-5) unstable; urgency=low
130 
 
131 
  * New maintainer (Closes: #465889)
132 
  * Add missing binary-indep target in debian/rules (Closes: #395714)
133 
  * Use ${binary:Version} instead of Source-Version
134 
  * Bump standard version
135 
  * Switch to debhelper 5
136 
 
137 
 -- Julien Danjou <acid@debian.org>  Wed, 02 Apr 2008 07:06:55 +0200
138 
 
139 
libtar (1.2.11-4) unstable; urgency=low
140 
 
141 
  * Always include the newest libtool.m4.  (Closes: #313612)
142 
 
143 
 -- James Morrison <phython@debian.org>  Sun, 28 Aug 2005 09:41:47 -0700
144 
 
145 
libtar (1.2.11-3) unstable; urgency=low
146 
 
147 
  * Document stupidity of tartype_t in libtar.c.  (Closes: #309945)
148 
 
149 
 -- James Morrison <phython@debian.org>  Sat, 11 Jun 2005 18:23:15 -0400
150 
 
151 
libtar (1.2.11-2) unstable; urgency=low
152 
 
153 
  * Move libtar-dev to libdevel. (Closes: #188207)
154 
  * Fix potential memory leak.
155 
 
156 
 -- James Morrison <phython@debian.org>  Sun, 25 Jul 2004 12:59:08 -0700
157 
 
158 
libtar (1.2.11-1) unstable; urgency=low
159 
 
160 
  * New Upstream release.
161 
 
162 
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:19 -0500
163 
 
164 
libtar (1.2.10-1) unstable; urgency=low
165 
 
166 
  * New Upstream release.
167 
     (Closes: #166602) New upstream uses autoconf 2.5x
168 
  * Remove dependency on automake.  Hopefully upstream will except this
169 
    use of libtool.
170 
  * Remove all -static and -shared targets from debian/rules.
171 
  * Use dh_install instead of dh_movefiles.
172 
  * -
173 
 
174 
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:16 -0500
175 
 
176 
libtar (1.2.5-4) unstable; urgency=low
177 
 
178 
  * New maintainer. (Closes: #154597)
179 
  * WSG_ENCAP is now defined.  (Closes: #147764)
180 
  * libtar-dev depends on libc-dev instead of libc6-dev.
181 
 
182 
 -- James Morrison <phython@debian.org>  Wed, 14 Aug 2002 23:44:16 -0400
183 
 
184 
libtar (1.2.5-3) unstable; urgency=low
185 
 
186 
  * Modify build commands to acomadate change in autoconf (Closes #147764)
187 
 
188 
 -- Glenn McGrath <bug1@debian.org>  Thu, 23 May 2002 01:06:16 +1000
189 
 
190 
libtar (1.2.5-2) unstable; urgency=low
191 
 
192 
  * Fix build problem (Closes #135360)
193 
 
194 
 -- Glenn McGrath <bug1@debian.org>  Sun, 24 Feb 2002 06:29:31 +1100
195 
 
196 
libtar (1.2.5-1) unstable; urgency=low
197 
 
198 
  * New upstream version
199 
  * Change section of libtar-dev to devel and libtar to libs
200 
 
201 
 -- Glenn McGrath <bug1@debian.org>  Fri, 22 Feb 2002 04:23:15 +1100
202 
 
203 
libtar (1.2.4-2) unstable; urgency=low
204 
 
205 
  * Change section from devel to libs
206 
 
207 
 -- Glenn McGrath <bug1@debian.org>  Sat,  2 Feb 2002 12:12:32 +1100
208 
 
209 
libtar (1.2.4-1) unstable; urgency=low
210 
 
211 
  * Initial Release. (closes #128042)
212 
 
213 
 -- Glenn McGrath <bug1@debian.org>  Sat,  5 Jan 2002 13:24:37 +1100
214