Subversion Repositories

?revision_form?Rev ?revision_input??revision_submit??revision_endform?

Rev 43 | Rev 45 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
43 magnus 1
libtar (1.2.20-6) unstable; urgency=low
2
 
3
  * Drop libtar/Makefile from examples, since it makes the build
4
    unreproducible (saves $SHELL) and isn't enough to compile libtar.c
5
    anyway.
44 magnus 6
  * Bump Standards-Version to 3.9.8.
43 magnus 7
 
44 magnus 8
 -- Magnus Holmgren <holmgren@debian.org>  Mon, 01 Aug 2016 22:52:44 +0200
43 magnus 9
 
38 magnus 10
libtar (1.2.20-5) unstable; urgency=low
11
 
12
  * oldgnu_prefix.patch: Detect old-style GNU headers correctly (Closes:
13
    #763119). Those appear in incremental archives and use the bytes that
14
    the new-style headers use for the prefix field for other fields.
15
    Thanks to Steinar H. Gunderson.
39 magnus 16
  * testsuite.patch: Add a simple test (Closes: #737258).
41 magnus 17
  * Bump Standards-Version to 3.9.7.
38 magnus 18
 
41 magnus 19
 -- Magnus Holmgren <holmgren@debian.org>  Fri, 25 Mar 2016 19:12:23 +0100
38 magnus 20
 
36 magnus 21
libtar (1.2.20-4) unstable; urgency=high
22
 
23
  * no_maxpathlen.patch: Half of the part of the patch modifying
24
    compat/dirname.c was missing, causing libtar's dirname to always
25
    return NULL (except in special circumstances). Actually make it work
26
    (Closes: #745352). (The reason that libtar doesn't use libc's
27
    dirname() and basename() on some or most platforms is that the code
28
    doesn't work with destructive versions of these functions).
29
 
30
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 03 May 2014 20:39:02 +0200
31
 
30 magnus 32
libtar (1.2.20-3) unstable; urgency=low
33
 
34
  * no_maxpathlen.patch: Fix two grave bugs in the patch. First,
35
    th_get_pathname would only allocate as much memory as was needed for
36
    the first filename encountered, causing heap corruption when/if
37
    encountering longer filenames later. Second, two variables were mixed
38
    up in tar_append_tree(). Also, fix a potential memory leak and trim
39
    the patch a bit.
31 magnus 40
  * [SECURITY] CVE-2013-4420.patch: When the prefix field is in use, the
41
    safer_name_suffix() function should certainly be applied to the
42
    combination of it and the name field, not just on the name field.
33 magnus 43
  * th_get_size-unsigned-int.patch: Make the th_get_size() macro cast the
44
    result from oct_to_int() to unsigned int. This is the right fix for
45
    bug #725938 on 64-bit systems, where a specially crafted tar file
46
    would not cause an integer overflow, but a memory allocation of almost
47
    16 exbibytes, which would certainly fail outright without harm.
30 magnus 48
 
33 magnus 49
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 23:51:51 +0100
30 magnus 50
 
23 magnus 51
libtar (1.2.20-2) unstable; urgency=low
52
 
53
  * no_static_buffers.patch: avoid using a static buffer in
54
    th_get_pathname(). Taken from upstream. Needed for no_maxpathlen.patch.
29 magnus 55
  * no_maxpathlen.patch: Fix FTBFS on Hurd by dynamically allocating path
23 magnus 56
    names (Closes: #657116). Thanks to Svante Signell and Petter
57
    Reinholdtsen.
24 magnus 58
  * [SECURITY] CVE-2013-4420.patch: Strip out leading slashes and any
59
    pathname prefix containing ".." components (Closes: #731860). This is
60
    done in th_get_pathname() (as well as to symlink targets when
61
    extracting symlinks), not merely when extracting files, which means
62
    applications calling that function will not see the stored
63
    filename. There is no way to disable this behaviour, but it can be
64
    expected that one will be provided when the issue is solved upstream.
25 magnus 65
  * Bump Standards-Version to 3.9.5.
23 magnus 66
 
25 magnus 67
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 21:49:37 +0100
23 magnus 68
 
18 magnus 69
libtar (1.2.20-1) unstable; urgency=high
70
 
71
  * [SECURITY] New upstream release. Fixes CVE-2013-4397: Integer
72
    overflow (Closes: #725938).
19 magnus 73
  * Bump Standards-Version to 3.9.4.
18 magnus 74
 
75
 -- Magnus Holmgren <holmgren@debian.org>  Thu, 10 Oct 2013 19:20:49 +0200
76
 
15 magnus 77
libtar (1.2.19-1) unstable; urgency=low
78
 
79
  * New upstream release.
80
 
81
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 05 May 2013 17:59:29 +0200
82
 
10 magnus 83
libtar (1.2.16-1) unstable; urgency=low
8 magnus 84
 
85
  * New upstream: Chris Frey has stepped up with the consent of the
86
    original author, Mark Roth, and published an "official unofficial" git
87
    repo at http://repo.or.cz/w/libtar.git, which I will use for the time
88
    being.
10 magnus 89
  * Updated debian/watch to look for tags and corresponding snapshot
90
    tarballs at above URL.
8 magnus 91
  * All patches have been incorporated or (in the case of
92
    autoreconf.patch) made obsolete upstream.
9 magnus 93
  * debian/rules: Add build-indep and build-arch targets.
11 magnus 94
  * Updated debian/copyright.
12 magnus 95
  * Use dpkg-buildflags to set CFLAGS et al.
13 magnus 96
  * debian/control: Add VCS fields; bump Standards-Version to 3.9.3.
8 magnus 97
 
13 magnus 98
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 23 Jun 2012 01:03:41 +0200
8 magnus 99
 
6 magnus 100
libtar (1.2.11-8) unstable; urgency=low
101
 
102
  * libtool.patch: Set SHELL to the configured shell in those Makefile.in
103
    where libtool is used; otherwise libtool fails when /bin/sh is dash
104
    but bash is expected (Closes: #621935).
105
  * man_hyphen_minus.patch (new): Escape hyphens that should be minus
106
    signs in man pages.
107
  * Rename libtar as libtar0 to follow policy.
108
 
109
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 24 Apr 2011 21:11:52 +0200
110
 
5 magnus 111
libtar (1.2.11-7) unstable; urgency=low
112
 
113
  * New maintainer (Closes: #526618).
114
  * Change source format to 3.0 (quilt), clean up Debian diff and split
115
    into several patches:
116
    * libtool.patch: Using libtool to build dynamic library;
117
    * autoreconf.patch: Changes needed to call autoreconf (bug 511741);
118
    * memleak.patch: Fix memory leaks;
119
    * bad_ptrtoint.patch: Document stupidity of tartype_t in libtar.c
120
      (bug 309945).
121
  * Increase Debhelper compat level to 7.
122
  * Use dh_autoreconf to avoid having to keep track of files to clean.
123
  * memleak2.patch (new): Applied instead of memleak.patch. Fix memory
124
    leak by making th_get_pathname() return a pointer to a static buffer
125
    instead of a pointer to a copy of a local buffer (LP: #41804).
126
  * Add homepage field and watch file (in case there is ever a new
127
    upstream release).
128
  * Upgrade to Standards-Version 3.9.1.
129
 
130
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 26 Mar 2011 23:10:25 +0100
131
 
3 magnus 132
libtar (1.2.11-6) unstable; urgency=low
133
 
134
  * Fix autotools usage (Closes: #511741)
135
 
136
 -- Julien Danjou <acid@debian.org>  Sat, 02 May 2009 11:33:06 +0200
137
 
138
libtar (1.2.11-5) unstable; urgency=low
139
 
140
  * New maintainer (Closes: #465889)
141
  * Add missing binary-indep target in debian/rules (Closes: #395714)
142
  * Use ${binary:Version} instead of Source-Version
143
  * Bump standard version
144
  * Switch to debhelper 5
145
 
146
 -- Julien Danjou <acid@debian.org>  Wed, 02 Apr 2008 07:06:55 +0200
147
 
148
libtar (1.2.11-4) unstable; urgency=low
149
 
150
  * Always include the newest libtool.m4.  (Closes: #313612)
151
 
152
 -- James Morrison <phython@debian.org>  Sun, 28 Aug 2005 09:41:47 -0700
153
 
154
libtar (1.2.11-3) unstable; urgency=low
155
 
156
  * Document stupidity of tartype_t in libtar.c.  (Closes: #309945)
157
 
158
 -- James Morrison <phython@debian.org>  Sat, 11 Jun 2005 18:23:15 -0400
159
 
160
libtar (1.2.11-2) unstable; urgency=low
161
 
162
  * Move libtar-dev to libdevel. (Closes: #188207)
163
  * Fix potential memory leak.
164
 
165
 -- James Morrison <phython@debian.org>  Sun, 25 Jul 2004 12:59:08 -0700
166
 
167
libtar (1.2.11-1) unstable; urgency=low
168
 
169
  * New Upstream release.
170
 
171
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:19 -0500
172
 
173
libtar (1.2.10-1) unstable; urgency=low
174
 
175
  * New Upstream release.
176
     (Closes: #166602) New upstream uses autoconf 2.5x
177
  * Remove dependency on automake.  Hopefully upstream will except this
178
    use of libtool.
179
  * Remove all -static and -shared targets from debian/rules.
180
  * Use dh_install instead of dh_movefiles.
181
  * -
182
 
183
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:16 -0500
184
 
185
libtar (1.2.5-4) unstable; urgency=low
186
 
187
  * New maintainer. (Closes: #154597)
188
  * WSG_ENCAP is now defined.  (Closes: #147764)
189
  * libtar-dev depends on libc-dev instead of libc6-dev.
190
 
191
 -- James Morrison <phython@debian.org>  Wed, 14 Aug 2002 23:44:16 -0400
192
 
193
libtar (1.2.5-3) unstable; urgency=low
194
 
195
  * Modify build commands to acomadate change in autoconf (Closes #147764)
196
 
197
 -- Glenn McGrath <bug1@debian.org>  Thu, 23 May 2002 01:06:16 +1000
198
 
199
libtar (1.2.5-2) unstable; urgency=low
200
 
201
  * Fix build problem (Closes #135360)
202
 
203
 -- Glenn McGrath <bug1@debian.org>  Sun, 24 Feb 2002 06:29:31 +1100
204
 
205
libtar (1.2.5-1) unstable; urgency=low
206
 
207
  * New upstream version
208
  * Change section of libtar-dev to devel and libtar to libs
209
 
210
 -- Glenn McGrath <bug1@debian.org>  Fri, 22 Feb 2002 04:23:15 +1100
211
 
212
libtar (1.2.4-2) unstable; urgency=low
213
 
214
  * Change section from devel to libs
215
 
216
 -- Glenn McGrath <bug1@debian.org>  Sat,  2 Feb 2002 12:12:32 +1100
217
 
218
libtar (1.2.4-1) unstable; urgency=low
219
 
220
  * Initial Release. (closes #128042)
221
 
222
 -- Glenn McGrath <bug1@debian.org>  Sat,  5 Jan 2002 13:24:37 +1100
223