Subversion Repositories

?revision_form?Rev ?revision_input??revision_submit??revision_endform?

Rev 44 | Rev 48 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
45 magnus 1
libtar (1.2.20-7) unstable; urgency=low
2
 
3
  * no_strip.patch: make install must not strip binaries; it breaks cross
4
    compilation and is against policy with regard to build options.
5
 
6
 -- Magnus Holmgren <holmgren@debian.org>  Tue, 11 Oct 2016 22:00:33 +0200
7
 
43 magnus 8
libtar (1.2.20-6) unstable; urgency=low
9
 
10
  * Drop libtar/Makefile from examples, since it makes the build
11
    unreproducible (saves $SHELL) and isn't enough to compile libtar.c
12
    anyway.
44 magnus 13
  * Bump Standards-Version to 3.9.8.
43 magnus 14
 
44 magnus 15
 -- Magnus Holmgren <holmgren@debian.org>  Mon, 01 Aug 2016 22:52:44 +0200
43 magnus 16
 
38 magnus 17
libtar (1.2.20-5) unstable; urgency=low
18
 
19
  * oldgnu_prefix.patch: Detect old-style GNU headers correctly (Closes:
20
    #763119). Those appear in incremental archives and use the bytes that
21
    the new-style headers use for the prefix field for other fields.
22
    Thanks to Steinar H. Gunderson.
39 magnus 23
  * testsuite.patch: Add a simple test (Closes: #737258).
41 magnus 24
  * Bump Standards-Version to 3.9.7.
38 magnus 25
 
41 magnus 26
 -- Magnus Holmgren <holmgren@debian.org>  Fri, 25 Mar 2016 19:12:23 +0100
38 magnus 27
 
36 magnus 28
libtar (1.2.20-4) unstable; urgency=high
29
 
30
  * no_maxpathlen.patch: Half of the part of the patch modifying
31
    compat/dirname.c was missing, causing libtar's dirname to always
32
    return NULL (except in special circumstances). Actually make it work
33
    (Closes: #745352). (The reason that libtar doesn't use libc's
34
    dirname() and basename() on some or most platforms is that the code
35
    doesn't work with destructive versions of these functions).
36
 
37
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 03 May 2014 20:39:02 +0200
38
 
30 magnus 39
libtar (1.2.20-3) unstable; urgency=low
40
 
41
  * no_maxpathlen.patch: Fix two grave bugs in the patch. First,
42
    th_get_pathname would only allocate as much memory as was needed for
43
    the first filename encountered, causing heap corruption when/if
44
    encountering longer filenames later. Second, two variables were mixed
45
    up in tar_append_tree(). Also, fix a potential memory leak and trim
46
    the patch a bit.
31 magnus 47
  * [SECURITY] CVE-2013-4420.patch: When the prefix field is in use, the
48
    safer_name_suffix() function should certainly be applied to the
49
    combination of it and the name field, not just on the name field.
33 magnus 50
  * th_get_size-unsigned-int.patch: Make the th_get_size() macro cast the
51
    result from oct_to_int() to unsigned int. This is the right fix for
52
    bug #725938 on 64-bit systems, where a specially crafted tar file
53
    would not cause an integer overflow, but a memory allocation of almost
54
    16 exbibytes, which would certainly fail outright without harm.
30 magnus 55
 
33 magnus 56
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 23:51:51 +0100
30 magnus 57
 
23 magnus 58
libtar (1.2.20-2) unstable; urgency=low
59
 
60
  * no_static_buffers.patch: avoid using a static buffer in
61
    th_get_pathname(). Taken from upstream. Needed for no_maxpathlen.patch.
29 magnus 62
  * no_maxpathlen.patch: Fix FTBFS on Hurd by dynamically allocating path
23 magnus 63
    names (Closes: #657116). Thanks to Svante Signell and Petter
64
    Reinholdtsen.
24 magnus 65
  * [SECURITY] CVE-2013-4420.patch: Strip out leading slashes and any
66
    pathname prefix containing ".." components (Closes: #731860). This is
67
    done in th_get_pathname() (as well as to symlink targets when
68
    extracting symlinks), not merely when extracting files, which means
69
    applications calling that function will not see the stored
70
    filename. There is no way to disable this behaviour, but it can be
71
    expected that one will be provided when the issue is solved upstream.
25 magnus 72
  * Bump Standards-Version to 3.9.5.
23 magnus 73
 
25 magnus 74
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 21:49:37 +0100
23 magnus 75
 
18 magnus 76
libtar (1.2.20-1) unstable; urgency=high
77
 
78
  * [SECURITY] New upstream release. Fixes CVE-2013-4397: Integer
79
    overflow (Closes: #725938).
19 magnus 80
  * Bump Standards-Version to 3.9.4.
18 magnus 81
 
82
 -- Magnus Holmgren <holmgren@debian.org>  Thu, 10 Oct 2013 19:20:49 +0200
83
 
15 magnus 84
libtar (1.2.19-1) unstable; urgency=low
85
 
86
  * New upstream release.
87
 
88
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 05 May 2013 17:59:29 +0200
89
 
10 magnus 90
libtar (1.2.16-1) unstable; urgency=low
8 magnus 91
 
92
  * New upstream: Chris Frey has stepped up with the consent of the
93
    original author, Mark Roth, and published an "official unofficial" git
94
    repo at http://repo.or.cz/w/libtar.git, which I will use for the time
95
    being.
10 magnus 96
  * Updated debian/watch to look for tags and corresponding snapshot
97
    tarballs at above URL.
8 magnus 98
  * All patches have been incorporated or (in the case of
99
    autoreconf.patch) made obsolete upstream.
9 magnus 100
  * debian/rules: Add build-indep and build-arch targets.
11 magnus 101
  * Updated debian/copyright.
12 magnus 102
  * Use dpkg-buildflags to set CFLAGS et al.
13 magnus 103
  * debian/control: Add VCS fields; bump Standards-Version to 3.9.3.
8 magnus 104
 
13 magnus 105
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 23 Jun 2012 01:03:41 +0200
8 magnus 106
 
6 magnus 107
libtar (1.2.11-8) unstable; urgency=low
108
 
109
  * libtool.patch: Set SHELL to the configured shell in those Makefile.in
110
    where libtool is used; otherwise libtool fails when /bin/sh is dash
111
    but bash is expected (Closes: #621935).
112
  * man_hyphen_minus.patch (new): Escape hyphens that should be minus
113
    signs in man pages.
114
  * Rename libtar as libtar0 to follow policy.
115
 
116
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 24 Apr 2011 21:11:52 +0200
117
 
5 magnus 118
libtar (1.2.11-7) unstable; urgency=low
119
 
120
  * New maintainer (Closes: #526618).
121
  * Change source format to 3.0 (quilt), clean up Debian diff and split
122
    into several patches:
123
    * libtool.patch: Using libtool to build dynamic library;
124
    * autoreconf.patch: Changes needed to call autoreconf (bug 511741);
125
    * memleak.patch: Fix memory leaks;
126
    * bad_ptrtoint.patch: Document stupidity of tartype_t in libtar.c
127
      (bug 309945).
128
  * Increase Debhelper compat level to 7.
129
  * Use dh_autoreconf to avoid having to keep track of files to clean.
130
  * memleak2.patch (new): Applied instead of memleak.patch. Fix memory
131
    leak by making th_get_pathname() return a pointer to a static buffer
132
    instead of a pointer to a copy of a local buffer (LP: #41804).
133
  * Add homepage field and watch file (in case there is ever a new
134
    upstream release).
135
  * Upgrade to Standards-Version 3.9.1.
136
 
137
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 26 Mar 2011 23:10:25 +0100
138
 
3 magnus 139
libtar (1.2.11-6) unstable; urgency=low
140
 
141
  * Fix autotools usage (Closes: #511741)
142
 
143
 -- Julien Danjou <acid@debian.org>  Sat, 02 May 2009 11:33:06 +0200
144
 
145
libtar (1.2.11-5) unstable; urgency=low
146
 
147
  * New maintainer (Closes: #465889)
148
  * Add missing binary-indep target in debian/rules (Closes: #395714)
149
  * Use ${binary:Version} instead of Source-Version
150
  * Bump standard version
151
  * Switch to debhelper 5
152
 
153
 -- Julien Danjou <acid@debian.org>  Wed, 02 Apr 2008 07:06:55 +0200
154
 
155
libtar (1.2.11-4) unstable; urgency=low
156
 
157
  * Always include the newest libtool.m4.  (Closes: #313612)
158
 
159
 -- James Morrison <phython@debian.org>  Sun, 28 Aug 2005 09:41:47 -0700
160
 
161
libtar (1.2.11-3) unstable; urgency=low
162
 
163
  * Document stupidity of tartype_t in libtar.c.  (Closes: #309945)
164
 
165
 -- James Morrison <phython@debian.org>  Sat, 11 Jun 2005 18:23:15 -0400
166
 
167
libtar (1.2.11-2) unstable; urgency=low
168
 
169
  * Move libtar-dev to libdevel. (Closes: #188207)
170
  * Fix potential memory leak.
171
 
172
 -- James Morrison <phython@debian.org>  Sun, 25 Jul 2004 12:59:08 -0700
173
 
174
libtar (1.2.11-1) unstable; urgency=low
175
 
176
  * New Upstream release.
177
 
178
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:19 -0500
179
 
180
libtar (1.2.10-1) unstable; urgency=low
181
 
182
  * New Upstream release.
183
     (Closes: #166602) New upstream uses autoconf 2.5x
184
  * Remove dependency on automake.  Hopefully upstream will except this
185
    use of libtool.
186
  * Remove all -static and -shared targets from debian/rules.
187
  * Use dh_install instead of dh_movefiles.
188
  * -
189
 
190
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:16 -0500
191
 
192
libtar (1.2.5-4) unstable; urgency=low
193
 
194
  * New maintainer. (Closes: #154597)
195
  * WSG_ENCAP is now defined.  (Closes: #147764)
196
  * libtar-dev depends on libc-dev instead of libc6-dev.
197
 
198
 -- James Morrison <phython@debian.org>  Wed, 14 Aug 2002 23:44:16 -0400
199
 
200
libtar (1.2.5-3) unstable; urgency=low
201
 
202
  * Modify build commands to acomadate change in autoconf (Closes #147764)
203
 
204
 -- Glenn McGrath <bug1@debian.org>  Thu, 23 May 2002 01:06:16 +1000
205
 
206
libtar (1.2.5-2) unstable; urgency=low
207
 
208
  * Fix build problem (Closes #135360)
209
 
210
 -- Glenn McGrath <bug1@debian.org>  Sun, 24 Feb 2002 06:29:31 +1100
211
 
212
libtar (1.2.5-1) unstable; urgency=low
213
 
214
  * New upstream version
215
  * Change section of libtar-dev to devel and libtar to libs
216
 
217
 -- Glenn McGrath <bug1@debian.org>  Fri, 22 Feb 2002 04:23:15 +1100
218
 
219
libtar (1.2.4-2) unstable; urgency=low
220
 
221
  * Change section from devel to libs
222
 
223
 -- Glenn McGrath <bug1@debian.org>  Sat,  2 Feb 2002 12:12:32 +1100
224
 
225
libtar (1.2.4-1) unstable; urgency=low
226
 
227
  * Initial Release. (closes #128042)
228
 
229
 -- Glenn McGrath <bug1@debian.org>  Sat,  5 Jan 2002 13:24:37 +1100
230