Subversion Repositories

?revision_form?Rev ?revision_input??revision_submit??revision_endform?

Rev 36 | Rev 39 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
38 magnus 1 
libtar (1.2.20-5) unstable; urgency=low
2 
 
3 
  * oldgnu_prefix.patch: Detect old-style GNU headers correctly (Closes:
4 
    #763119). Those appear in incremental archives and use the bytes that
5 
    the new-style headers use for the prefix field for other fields.
6 
    Thanks to Steinar H. Gunderson.
7 
 
8 
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 12 Oct 2014 21:45:42 +0200
9 
 
36 magnus 10 
libtar (1.2.20-4) unstable; urgency=high
11 
 
12 
  * no_maxpathlen.patch: Half of the part of the patch modifying
13 
    compat/dirname.c was missing, causing libtar's dirname to always
14 
    return NULL (except in special circumstances). Actually make it work
15 
    (Closes: #745352). (The reason that libtar doesn't use libc's
16 
    dirname() and basename() on some or most platforms is that the code
17 
    doesn't work with destructive versions of these functions).
18 
 
19 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 03 May 2014 20:39:02 +0200
20 
 
30 magnus 21 
libtar (1.2.20-3) unstable; urgency=low
22 
 
23 
  * no_maxpathlen.patch: Fix two grave bugs in the patch. First,
24 
    th_get_pathname would only allocate as much memory as was needed for
25 
    the first filename encountered, causing heap corruption when/if
26 
    encountering longer filenames later. Second, two variables were mixed
27 
    up in tar_append_tree(). Also, fix a potential memory leak and trim
28 
    the patch a bit.
31 magnus 29 
  * [SECURITY] CVE-2013-4420.patch: When the prefix field is in use, the
30 
    safer_name_suffix() function should certainly be applied to the
31 
    combination of it and the name field, not just on the name field.
33 magnus 32 
  * th_get_size-unsigned-int.patch: Make the th_get_size() macro cast the
33 
    result from oct_to_int() to unsigned int. This is the right fix for
34 
    bug #725938 on 64-bit systems, where a specially crafted tar file
35 
    would not cause an integer overflow, but a memory allocation of almost
36 
    16 exbibytes, which would certainly fail outright without harm.
30 magnus 37 
 
33 magnus 38 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 23:51:51 +0100
30 magnus 39 
 
23 magnus 40 
libtar (1.2.20-2) unstable; urgency=low
41 
 
42 
  * no_static_buffers.patch: avoid using a static buffer in
43 
    th_get_pathname(). Taken from upstream. Needed for no_maxpathlen.patch.
29 magnus 44 
  * no_maxpathlen.patch: Fix FTBFS on Hurd by dynamically allocating path
23 magnus 45 
    names (Closes: #657116). Thanks to Svante Signell and Petter
46 
    Reinholdtsen.
24 magnus 47 
  * [SECURITY] CVE-2013-4420.patch: Strip out leading slashes and any
48 
    pathname prefix containing ".." components (Closes: #731860). This is
49 
    done in th_get_pathname() (as well as to symlink targets when
50 
    extracting symlinks), not merely when extracting files, which means
51 
    applications calling that function will not see the stored
52 
    filename. There is no way to disable this behaviour, but it can be
53 
    expected that one will be provided when the issue is solved upstream.
25 magnus 54 
  * Bump Standards-Version to 3.9.5.
23 magnus 55 
 
25 magnus 56 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 21:49:37 +0100
23 magnus 57 
 
18 magnus 58 
libtar (1.2.20-1) unstable; urgency=high
59 
 
60 
  * [SECURITY] New upstream release. Fixes CVE-2013-4397: Integer
61 
    overflow (Closes: #725938).
19 magnus 62 
  * Bump Standards-Version to 3.9.4.
18 magnus 63 
 
64 
 -- Magnus Holmgren <holmgren@debian.org>  Thu, 10 Oct 2013 19:20:49 +0200
65 
 
15 magnus 66 
libtar (1.2.19-1) unstable; urgency=low
67 
 
68 
  * New upstream release.
69 
 
70 
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 05 May 2013 17:59:29 +0200
71 
 
10 magnus 72 
libtar (1.2.16-1) unstable; urgency=low
8 magnus 73 
 
74 
  * New upstream: Chris Frey has stepped up with the consent of the
75 
    original author, Mark Roth, and published an "official unofficial" git
76 
    repo at http://repo.or.cz/w/libtar.git, which I will use for the time
77 
    being.
10 magnus 78 
  * Updated debian/watch to look for tags and corresponding snapshot
79 
    tarballs at above URL.
8 magnus 80 
  * All patches have been incorporated or (in the case of
81 
    autoreconf.patch) made obsolete upstream.
9 magnus 82 
  * debian/rules: Add build-indep and build-arch targets.
11 magnus 83 
  * Updated debian/copyright.
12 magnus 84 
  * Use dpkg-buildflags to set CFLAGS et al.
13 magnus 85 
  * debian/control: Add VCS fields; bump Standards-Version to 3.9.3.
8 magnus 86 
 
13 magnus 87 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 23 Jun 2012 01:03:41 +0200
8 magnus 88 
 
6 magnus 89 
libtar (1.2.11-8) unstable; urgency=low
90 
 
91 
  * libtool.patch: Set SHELL to the configured shell in those Makefile.in
92 
    where libtool is used; otherwise libtool fails when /bin/sh is dash
93 
    but bash is expected (Closes: #621935).
94 
  * man_hyphen_minus.patch (new): Escape hyphens that should be minus
95 
    signs in man pages.
96 
  * Rename libtar as libtar0 to follow policy.
97 
 
98 
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 24 Apr 2011 21:11:52 +0200
99 
 
5 magnus 100 
libtar (1.2.11-7) unstable; urgency=low
101 
 
102 
  * New maintainer (Closes: #526618).
103 
  * Change source format to 3.0 (quilt), clean up Debian diff and split
104 
    into several patches:
105 
    * libtool.patch: Using libtool to build dynamic library;
106 
    * autoreconf.patch: Changes needed to call autoreconf (bug 511741);
107 
    * memleak.patch: Fix memory leaks;
108 
    * bad_ptrtoint.patch: Document stupidity of tartype_t in libtar.c
109 
      (bug 309945).
110 
  * Increase Debhelper compat level to 7.
111 
  * Use dh_autoreconf to avoid having to keep track of files to clean.
112 
  * memleak2.patch (new): Applied instead of memleak.patch. Fix memory
113 
    leak by making th_get_pathname() return a pointer to a static buffer
114 
    instead of a pointer to a copy of a local buffer (LP: #41804).
115 
  * Add homepage field and watch file (in case there is ever a new
116 
    upstream release).
117 
  * Upgrade to Standards-Version 3.9.1.
118 
 
119 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 26 Mar 2011 23:10:25 +0100
120 
 
3 magnus 121 
libtar (1.2.11-6) unstable; urgency=low
122 
 
123 
  * Fix autotools usage (Closes: #511741)
124 
 
125 
 -- Julien Danjou <acid@debian.org>  Sat, 02 May 2009 11:33:06 +0200
126 
 
127 
libtar (1.2.11-5) unstable; urgency=low
128 
 
129 
  * New maintainer (Closes: #465889)
130 
  * Add missing binary-indep target in debian/rules (Closes: #395714)
131 
  * Use ${binary:Version} instead of Source-Version
132 
  * Bump standard version
133 
  * Switch to debhelper 5
134 
 
135 
 -- Julien Danjou <acid@debian.org>  Wed, 02 Apr 2008 07:06:55 +0200
136 
 
137 
libtar (1.2.11-4) unstable; urgency=low
138 
 
139 
  * Always include the newest libtool.m4.  (Closes: #313612)
140 
 
141 
 -- James Morrison <phython@debian.org>  Sun, 28 Aug 2005 09:41:47 -0700
142 
 
143 
libtar (1.2.11-3) unstable; urgency=low
144 
 
145 
  * Document stupidity of tartype_t in libtar.c.  (Closes: #309945)
146 
 
147 
 -- James Morrison <phython@debian.org>  Sat, 11 Jun 2005 18:23:15 -0400
148 
 
149 
libtar (1.2.11-2) unstable; urgency=low
150 
 
151 
  * Move libtar-dev to libdevel. (Closes: #188207)
152 
  * Fix potential memory leak.
153 
 
154 
 -- James Morrison <phython@debian.org>  Sun, 25 Jul 2004 12:59:08 -0700
155 
 
156 
libtar (1.2.11-1) unstable; urgency=low
157 
 
158 
  * New Upstream release.
159 
 
160 
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:19 -0500
161 
 
162 
libtar (1.2.10-1) unstable; urgency=low
163 
 
164 
  * New Upstream release.
165 
     (Closes: #166602) New upstream uses autoconf 2.5x
166 
  * Remove dependency on automake.  Hopefully upstream will except this
167 
    use of libtool.
168 
  * Remove all -static and -shared targets from debian/rules.
169 
  * Use dh_install instead of dh_movefiles.
170 
  * -
171 
 
172 
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:16 -0500
173 
 
174 
libtar (1.2.5-4) unstable; urgency=low
175 
 
176 
  * New maintainer. (Closes: #154597)
177 
  * WSG_ENCAP is now defined.  (Closes: #147764)
178 
  * libtar-dev depends on libc-dev instead of libc6-dev.
179 
 
180 
 -- James Morrison <phython@debian.org>  Wed, 14 Aug 2002 23:44:16 -0400
181 
 
182 
libtar (1.2.5-3) unstable; urgency=low
183 
 
184 
  * Modify build commands to acomadate change in autoconf (Closes #147764)
185 
 
186 
 -- Glenn McGrath <bug1@debian.org>  Thu, 23 May 2002 01:06:16 +1000
187 
 
188 
libtar (1.2.5-2) unstable; urgency=low
189 
 
190 
  * Fix build problem (Closes #135360)
191 
 
192 
 -- Glenn McGrath <bug1@debian.org>  Sun, 24 Feb 2002 06:29:31 +1100
193 
 
194 
libtar (1.2.5-1) unstable; urgency=low
195 
 
196 
  * New upstream version
197 
  * Change section of libtar-dev to devel and libtar to libs
198 
 
199 
 -- Glenn McGrath <bug1@debian.org>  Fri, 22 Feb 2002 04:23:15 +1100
200 
 
201 
libtar (1.2.4-2) unstable; urgency=low
202 
 
203 
  * Change section from devel to libs
204 
 
205 
 -- Glenn McGrath <bug1@debian.org>  Sat,  2 Feb 2002 12:12:32 +1100
206 
 
207 
libtar (1.2.4-1) unstable; urgency=low
208 
 
209 
  * Initial Release. (closes #128042)
210 
 
211 
 -- Glenn McGrath <bug1@debian.org>  Sat,  5 Jan 2002 13:24:37 +1100
212