Subversion Repositories

?revision_form?Rev ?revision_input??revision_submit??revision_endform?

Rev 29 | Rev 31 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
30 magnus 1 
libtar (1.2.20-3) unstable; urgency=low
2 
 
3 
  * no_maxpathlen.patch: Fix two grave bugs in the patch. First,
4 
    th_get_pathname would only allocate as much memory as was needed for
5 
    the first filename encountered, causing heap corruption when/if
6 
    encountering longer filenames later. Second, two variables were mixed
7 
    up in tar_append_tree(). Also, fix a potential memory leak and trim
8 
    the patch a bit.
9 
 
10 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 21:54:56 +0100
11 
 
23 magnus 12 
libtar (1.2.20-2) unstable; urgency=low
13 
 
14 
  * no_static_buffers.patch: avoid using a static buffer in
15 
    th_get_pathname(). Taken from upstream. Needed for no_maxpathlen.patch.
29 magnus 16 
  * no_maxpathlen.patch: Fix FTBFS on Hurd by dynamically allocating path
23 magnus 17 
    names (Closes: #657116). Thanks to Svante Signell and Petter
18 
    Reinholdtsen.
24 magnus 19 
  * [SECURITY] CVE-2013-4420.patch: Strip out leading slashes and any
20 
    pathname prefix containing ".." components (Closes: #731860). This is
21 
    done in th_get_pathname() (as well as to symlink targets when
22 
    extracting symlinks), not merely when extracting files, which means
23 
    applications calling that function will not see the stored
24 
    filename. There is no way to disable this behaviour, but it can be
25 
    expected that one will be provided when the issue is solved upstream.
25 magnus 26 
  * Bump Standards-Version to 3.9.5.
23 magnus 27 
 
25 magnus 28 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 21:49:37 +0100
23 magnus 29 
 
18 magnus 30 
libtar (1.2.20-1) unstable; urgency=high
31 
 
32 
  * [SECURITY] New upstream release. Fixes CVE-2013-4397: Integer
33 
    overflow (Closes: #725938).
19 magnus 34 
  * Bump Standards-Version to 3.9.4.
18 magnus 35 
 
36 
 -- Magnus Holmgren <holmgren@debian.org>  Thu, 10 Oct 2013 19:20:49 +0200
37 
 
15 magnus 38 
libtar (1.2.19-1) unstable; urgency=low
39 
 
40 
  * New upstream release.
41 
 
42 
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 05 May 2013 17:59:29 +0200
43 
 
10 magnus 44 
libtar (1.2.16-1) unstable; urgency=low
8 magnus 45 
 
46 
  * New upstream: Chris Frey has stepped up with the consent of the
47 
    original author, Mark Roth, and published an "official unofficial" git
48 
    repo at http://repo.or.cz/w/libtar.git, which I will use for the time
49 
    being.
10 magnus 50 
  * Updated debian/watch to look for tags and corresponding snapshot
51 
    tarballs at above URL.
8 magnus 52 
  * All patches have been incorporated or (in the case of
53 
    autoreconf.patch) made obsolete upstream.
9 magnus 54 
  * debian/rules: Add build-indep and build-arch targets.
11 magnus 55 
  * Updated debian/copyright.
12 magnus 56 
  * Use dpkg-buildflags to set CFLAGS et al.
13 magnus 57 
  * debian/control: Add VCS fields; bump Standards-Version to 3.9.3.
8 magnus 58 
 
13 magnus 59 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 23 Jun 2012 01:03:41 +0200
8 magnus 60 
 
6 magnus 61 
libtar (1.2.11-8) unstable; urgency=low
62 
 
63 
  * libtool.patch: Set SHELL to the configured shell in those Makefile.in
64 
    where libtool is used; otherwise libtool fails when /bin/sh is dash
65 
    but bash is expected (Closes: #621935).
66 
  * man_hyphen_minus.patch (new): Escape hyphens that should be minus
67 
    signs in man pages.
68 
  * Rename libtar as libtar0 to follow policy.
69 
 
70 
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 24 Apr 2011 21:11:52 +0200
71 
 
5 magnus 72 
libtar (1.2.11-7) unstable; urgency=low
73 
 
74 
  * New maintainer (Closes: #526618).
75 
  * Change source format to 3.0 (quilt), clean up Debian diff and split
76 
    into several patches:
77 
    * libtool.patch: Using libtool to build dynamic library;
78 
    * autoreconf.patch: Changes needed to call autoreconf (bug 511741);
79 
    * memleak.patch: Fix memory leaks;
80 
    * bad_ptrtoint.patch: Document stupidity of tartype_t in libtar.c
81 
      (bug 309945).
82 
  * Increase Debhelper compat level to 7.
83 
  * Use dh_autoreconf to avoid having to keep track of files to clean.
84 
  * memleak2.patch (new): Applied instead of memleak.patch. Fix memory
85 
    leak by making th_get_pathname() return a pointer to a static buffer
86 
    instead of a pointer to a copy of a local buffer (LP: #41804).
87 
  * Add homepage field and watch file (in case there is ever a new
88 
    upstream release).
89 
  * Upgrade to Standards-Version 3.9.1.
90 
 
91 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 26 Mar 2011 23:10:25 +0100
92 
 
3 magnus 93 
libtar (1.2.11-6) unstable; urgency=low
94 
 
95 
  * Fix autotools usage (Closes: #511741)
96 
 
97 
 -- Julien Danjou <acid@debian.org>  Sat, 02 May 2009 11:33:06 +0200
98 
 
99 
libtar (1.2.11-5) unstable; urgency=low
100 
 
101 
  * New maintainer (Closes: #465889)
102 
  * Add missing binary-indep target in debian/rules (Closes: #395714)
103 
  * Use ${binary:Version} instead of Source-Version
104 
  * Bump standard version
105 
  * Switch to debhelper 5
106 
 
107 
 -- Julien Danjou <acid@debian.org>  Wed, 02 Apr 2008 07:06:55 +0200
108 
 
109 
libtar (1.2.11-4) unstable; urgency=low
110 
 
111 
  * Always include the newest libtool.m4.  (Closes: #313612)
112 
 
113 
 -- James Morrison <phython@debian.org>  Sun, 28 Aug 2005 09:41:47 -0700
114 
 
115 
libtar (1.2.11-3) unstable; urgency=low
116 
 
117 
  * Document stupidity of tartype_t in libtar.c.  (Closes: #309945)
118 
 
119 
 -- James Morrison <phython@debian.org>  Sat, 11 Jun 2005 18:23:15 -0400
120 
 
121 
libtar (1.2.11-2) unstable; urgency=low
122 
 
123 
  * Move libtar-dev to libdevel. (Closes: #188207)
124 
  * Fix potential memory leak.
125 
 
126 
 -- James Morrison <phython@debian.org>  Sun, 25 Jul 2004 12:59:08 -0700
127 
 
128 
libtar (1.2.11-1) unstable; urgency=low
129 
 
130 
  * New Upstream release.
131 
 
132 
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:19 -0500
133 
 
134 
libtar (1.2.10-1) unstable; urgency=low
135 
 
136 
  * New Upstream release.
137 
     (Closes: #166602) New upstream uses autoconf 2.5x
138 
  * Remove dependency on automake.  Hopefully upstream will except this
139 
    use of libtool.
140 
  * Remove all -static and -shared targets from debian/rules.
141 
  * Use dh_install instead of dh_movefiles.
142 
  * -
143 
 
144 
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:16 -0500
145 
 
146 
libtar (1.2.5-4) unstable; urgency=low
147 
 
148 
  * New maintainer. (Closes: #154597)
149 
  * WSG_ENCAP is now defined.  (Closes: #147764)
150 
  * libtar-dev depends on libc-dev instead of libc6-dev.
151 
 
152 
 -- James Morrison <phython@debian.org>  Wed, 14 Aug 2002 23:44:16 -0400
153 
 
154 
libtar (1.2.5-3) unstable; urgency=low
155 
 
156 
  * Modify build commands to acomadate change in autoconf (Closes #147764)
157 
 
158 
 -- Glenn McGrath <bug1@debian.org>  Thu, 23 May 2002 01:06:16 +1000
159 
 
160 
libtar (1.2.5-2) unstable; urgency=low
161 
 
162 
  * Fix build problem (Closes #135360)
163 
 
164 
 -- Glenn McGrath <bug1@debian.org>  Sun, 24 Feb 2002 06:29:31 +1100
165 
 
166 
libtar (1.2.5-1) unstable; urgency=low
167 
 
168 
  * New upstream version
169 
  * Change section of libtar-dev to devel and libtar to libs
170 
 
171 
 -- Glenn McGrath <bug1@debian.org>  Fri, 22 Feb 2002 04:23:15 +1100
172 
 
173 
libtar (1.2.4-2) unstable; urgency=low
174 
 
175 
  * Change section from devel to libs
176 
 
177 
 -- Glenn McGrath <bug1@debian.org>  Sat,  2 Feb 2002 12:12:32 +1100
178 
 
179 
libtar (1.2.4-1) unstable; urgency=low
180 
 
181 
  * Initial Release. (closes #128042)
182 
 
183 
 -- Glenn McGrath <bug1@debian.org>  Sat,  5 Jan 2002 13:24:37 +1100
184