Subversion Repositories

?revision_form?Rev ?revision_input??revision_submit??revision_endform?

Rev 30 | Rev 36 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
30 magnus 1
libtar (1.2.20-3) unstable; urgency=low
2
 
3
  * no_maxpathlen.patch: Fix two grave bugs in the patch. First,
4
    th_get_pathname would only allocate as much memory as was needed for
5
    the first filename encountered, causing heap corruption when/if
6
    encountering longer filenames later. Second, two variables were mixed
7
    up in tar_append_tree(). Also, fix a potential memory leak and trim
8
    the patch a bit.
31 magnus 9
  * [SECURITY] CVE-2013-4420.patch: When the prefix field is in use, the
10
    safer_name_suffix() function should certainly be applied to the
11
    combination of it and the name field, not just on the name field.
30 magnus 12
 
31 magnus 13
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 23:21:56 +0100
30 magnus 14
 
23 magnus 15
libtar (1.2.20-2) unstable; urgency=low
16
 
17
  * no_static_buffers.patch: avoid using a static buffer in
18
    th_get_pathname(). Taken from upstream. Needed for no_maxpathlen.patch.
29 magnus 19
  * no_maxpathlen.patch: Fix FTBFS on Hurd by dynamically allocating path
23 magnus 20
    names (Closes: #657116). Thanks to Svante Signell and Petter
21
    Reinholdtsen.
24 magnus 22
  * [SECURITY] CVE-2013-4420.patch: Strip out leading slashes and any
23
    pathname prefix containing ".." components (Closes: #731860). This is
24
    done in th_get_pathname() (as well as to symlink targets when
25
    extracting symlinks), not merely when extracting files, which means
26
    applications calling that function will not see the stored
27
    filename. There is no way to disable this behaviour, but it can be
28
    expected that one will be provided when the issue is solved upstream.
25 magnus 29
  * Bump Standards-Version to 3.9.5.
23 magnus 30
 
25 magnus 31
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 21:49:37 +0100
23 magnus 32
 
18 magnus 33
libtar (1.2.20-1) unstable; urgency=high
34
 
35
  * [SECURITY] New upstream release. Fixes CVE-2013-4397: Integer
36
    overflow (Closes: #725938).
19 magnus 37
  * Bump Standards-Version to 3.9.4.
18 magnus 38
 
39
 -- Magnus Holmgren <holmgren@debian.org>  Thu, 10 Oct 2013 19:20:49 +0200
40
 
15 magnus 41
libtar (1.2.19-1) unstable; urgency=low
42
 
43
  * New upstream release.
44
 
45
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 05 May 2013 17:59:29 +0200
46
 
10 magnus 47
libtar (1.2.16-1) unstable; urgency=low
8 magnus 48
 
49
  * New upstream: Chris Frey has stepped up with the consent of the
50
    original author, Mark Roth, and published an "official unofficial" git
51
    repo at http://repo.or.cz/w/libtar.git, which I will use for the time
52
    being.
10 magnus 53
  * Updated debian/watch to look for tags and corresponding snapshot
54
    tarballs at above URL.
8 magnus 55
  * All patches have been incorporated or (in the case of
56
    autoreconf.patch) made obsolete upstream.
9 magnus 57
  * debian/rules: Add build-indep and build-arch targets.
11 magnus 58
  * Updated debian/copyright.
12 magnus 59
  * Use dpkg-buildflags to set CFLAGS et al.
13 magnus 60
  * debian/control: Add VCS fields; bump Standards-Version to 3.9.3.
8 magnus 61
 
13 magnus 62
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 23 Jun 2012 01:03:41 +0200
8 magnus 63
 
6 magnus 64
libtar (1.2.11-8) unstable; urgency=low
65
 
66
  * libtool.patch: Set SHELL to the configured shell in those Makefile.in
67
    where libtool is used; otherwise libtool fails when /bin/sh is dash
68
    but bash is expected (Closes: #621935).
69
  * man_hyphen_minus.patch (new): Escape hyphens that should be minus
70
    signs in man pages.
71
  * Rename libtar as libtar0 to follow policy.
72
 
73
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 24 Apr 2011 21:11:52 +0200
74
 
5 magnus 75
libtar (1.2.11-7) unstable; urgency=low
76
 
77
  * New maintainer (Closes: #526618).
78
  * Change source format to 3.0 (quilt), clean up Debian diff and split
79
    into several patches:
80
    * libtool.patch: Using libtool to build dynamic library;
81
    * autoreconf.patch: Changes needed to call autoreconf (bug 511741);
82
    * memleak.patch: Fix memory leaks;
83
    * bad_ptrtoint.patch: Document stupidity of tartype_t in libtar.c
84
      (bug 309945).
85
  * Increase Debhelper compat level to 7.
86
  * Use dh_autoreconf to avoid having to keep track of files to clean.
87
  * memleak2.patch (new): Applied instead of memleak.patch. Fix memory
88
    leak by making th_get_pathname() return a pointer to a static buffer
89
    instead of a pointer to a copy of a local buffer (LP: #41804).
90
  * Add homepage field and watch file (in case there is ever a new
91
    upstream release).
92
  * Upgrade to Standards-Version 3.9.1.
93
 
94
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 26 Mar 2011 23:10:25 +0100
95
 
3 magnus 96
libtar (1.2.11-6) unstable; urgency=low
97
 
98
  * Fix autotools usage (Closes: #511741)
99
 
100
 -- Julien Danjou <acid@debian.org>  Sat, 02 May 2009 11:33:06 +0200
101
 
102
libtar (1.2.11-5) unstable; urgency=low
103
 
104
  * New maintainer (Closes: #465889)
105
  * Add missing binary-indep target in debian/rules (Closes: #395714)
106
  * Use ${binary:Version} instead of Source-Version
107
  * Bump standard version
108
  * Switch to debhelper 5
109
 
110
 -- Julien Danjou <acid@debian.org>  Wed, 02 Apr 2008 07:06:55 +0200
111
 
112
libtar (1.2.11-4) unstable; urgency=low
113
 
114
  * Always include the newest libtool.m4.  (Closes: #313612)
115
 
116
 -- James Morrison <phython@debian.org>  Sun, 28 Aug 2005 09:41:47 -0700
117
 
118
libtar (1.2.11-3) unstable; urgency=low
119
 
120
  * Document stupidity of tartype_t in libtar.c.  (Closes: #309945)
121
 
122
 -- James Morrison <phython@debian.org>  Sat, 11 Jun 2005 18:23:15 -0400
123
 
124
libtar (1.2.11-2) unstable; urgency=low
125
 
126
  * Move libtar-dev to libdevel. (Closes: #188207)
127
  * Fix potential memory leak.
128
 
129
 -- James Morrison <phython@debian.org>  Sun, 25 Jul 2004 12:59:08 -0700
130
 
131
libtar (1.2.11-1) unstable; urgency=low
132
 
133
  * New Upstream release.
134
 
135
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:19 -0500
136
 
137
libtar (1.2.10-1) unstable; urgency=low
138
 
139
  * New Upstream release.
140
     (Closes: #166602) New upstream uses autoconf 2.5x
141
  * Remove dependency on automake.  Hopefully upstream will except this
142
    use of libtool.
143
  * Remove all -static and -shared targets from debian/rules.
144
  * Use dh_install instead of dh_movefiles.
145
  * -
146
 
147
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:16 -0500
148
 
149
libtar (1.2.5-4) unstable; urgency=low
150
 
151
  * New maintainer. (Closes: #154597)
152
  * WSG_ENCAP is now defined.  (Closes: #147764)
153
  * libtar-dev depends on libc-dev instead of libc6-dev.
154
 
155
 -- James Morrison <phython@debian.org>  Wed, 14 Aug 2002 23:44:16 -0400
156
 
157
libtar (1.2.5-3) unstable; urgency=low
158
 
159
  * Modify build commands to acomadate change in autoconf (Closes #147764)
160
 
161
 -- Glenn McGrath <bug1@debian.org>  Thu, 23 May 2002 01:06:16 +1000
162
 
163
libtar (1.2.5-2) unstable; urgency=low
164
 
165
  * Fix build problem (Closes #135360)
166
 
167
 -- Glenn McGrath <bug1@debian.org>  Sun, 24 Feb 2002 06:29:31 +1100
168
 
169
libtar (1.2.5-1) unstable; urgency=low
170
 
171
  * New upstream version
172
  * Change section of libtar-dev to devel and libtar to libs
173
 
174
 -- Glenn McGrath <bug1@debian.org>  Fri, 22 Feb 2002 04:23:15 +1100
175
 
176
libtar (1.2.4-2) unstable; urgency=low
177
 
178
  * Change section from devel to libs
179
 
180
 -- Glenn McGrath <bug1@debian.org>  Sat,  2 Feb 2002 12:12:32 +1100
181
 
182
libtar (1.2.4-1) unstable; urgency=low
183
 
184
  * Initial Release. (closes #128042)
185
 
186
 -- Glenn McGrath <bug1@debian.org>  Sat,  5 Jan 2002 13:24:37 +1100
187