Subversion Repositories

?revision_form?Rev ?revision_input??revision_submit??revision_endform?

Rev 38 | Rev 41 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
38 magnus 1 
libtar (1.2.20-5) unstable; urgency=low
2 
 
3 
  * oldgnu_prefix.patch: Detect old-style GNU headers correctly (Closes:
4 
    #763119). Those appear in incremental archives and use the bytes that
5 
    the new-style headers use for the prefix field for other fields.
6 
    Thanks to Steinar H. Gunderson.
39 magnus 7 
  * testsuite.patch: Add a simple test (Closes: #737258).
38 magnus 8 
 
39 magnus 9 
 -- Magnus Holmgren <holmgren@debian.org>  Fri, 25 Mar 2016 19:10:41 +0100
38 magnus 10 
 
36 magnus 11 
libtar (1.2.20-4) unstable; urgency=high
12 
 
13 
  * no_maxpathlen.patch: Half of the part of the patch modifying
14 
    compat/dirname.c was missing, causing libtar's dirname to always
15 
    return NULL (except in special circumstances). Actually make it work
16 
    (Closes: #745352). (The reason that libtar doesn't use libc's
17 
    dirname() and basename() on some or most platforms is that the code
18 
    doesn't work with destructive versions of these functions).
19 
 
20 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 03 May 2014 20:39:02 +0200
21 
 
30 magnus 22 
libtar (1.2.20-3) unstable; urgency=low
23 
 
24 
  * no_maxpathlen.patch: Fix two grave bugs in the patch. First,
25 
    th_get_pathname would only allocate as much memory as was needed for
26 
    the first filename encountered, causing heap corruption when/if
27 
    encountering longer filenames later. Second, two variables were mixed
28 
    up in tar_append_tree(). Also, fix a potential memory leak and trim
29 
    the patch a bit.
31 magnus 30 
  * [SECURITY] CVE-2013-4420.patch: When the prefix field is in use, the
31 
    safer_name_suffix() function should certainly be applied to the
32 
    combination of it and the name field, not just on the name field.
33 magnus 33 
  * th_get_size-unsigned-int.patch: Make the th_get_size() macro cast the
34 
    result from oct_to_int() to unsigned int. This is the right fix for
35 
    bug #725938 on 64-bit systems, where a specially crafted tar file
36 
    would not cause an integer overflow, but a memory allocation of almost
37 
    16 exbibytes, which would certainly fail outright without harm.
30 magnus 38 
 
33 magnus 39 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 23:51:51 +0100
30 magnus 40 
 
23 magnus 41 
libtar (1.2.20-2) unstable; urgency=low
42 
 
43 
  * no_static_buffers.patch: avoid using a static buffer in
44 
    th_get_pathname(). Taken from upstream. Needed for no_maxpathlen.patch.
29 magnus 45 
  * no_maxpathlen.patch: Fix FTBFS on Hurd by dynamically allocating path
23 magnus 46 
    names (Closes: #657116). Thanks to Svante Signell and Petter
47 
    Reinholdtsen.
24 magnus 48 
  * [SECURITY] CVE-2013-4420.patch: Strip out leading slashes and any
49 
    pathname prefix containing ".." components (Closes: #731860). This is
50 
    done in th_get_pathname() (as well as to symlink targets when
51 
    extracting symlinks), not merely when extracting files, which means
52 
    applications calling that function will not see the stored
53 
    filename. There is no way to disable this behaviour, but it can be
54 
    expected that one will be provided when the issue is solved upstream.
25 magnus 55 
  * Bump Standards-Version to 3.9.5.
23 magnus 56 
 
25 magnus 57 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 21:49:37 +0100
23 magnus 58 
 
18 magnus 59 
libtar (1.2.20-1) unstable; urgency=high
60 
 
61 
  * [SECURITY] New upstream release. Fixes CVE-2013-4397: Integer
62 
    overflow (Closes: #725938).
19 magnus 63 
  * Bump Standards-Version to 3.9.4.
18 magnus 64 
 
65 
 -- Magnus Holmgren <holmgren@debian.org>  Thu, 10 Oct 2013 19:20:49 +0200
66 
 
15 magnus 67 
libtar (1.2.19-1) unstable; urgency=low
68 
 
69 
  * New upstream release.
70 
 
71 
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 05 May 2013 17:59:29 +0200
72 
 
10 magnus 73 
libtar (1.2.16-1) unstable; urgency=low
8 magnus 74 
 
75 
  * New upstream: Chris Frey has stepped up with the consent of the
76 
    original author, Mark Roth, and published an "official unofficial" git
77 
    repo at http://repo.or.cz/w/libtar.git, which I will use for the time
78 
    being.
10 magnus 79 
  * Updated debian/watch to look for tags and corresponding snapshot
80 
    tarballs at above URL.
8 magnus 81 
  * All patches have been incorporated or (in the case of
82 
    autoreconf.patch) made obsolete upstream.
9 magnus 83 
  * debian/rules: Add build-indep and build-arch targets.
11 magnus 84 
  * Updated debian/copyright.
12 magnus 85 
  * Use dpkg-buildflags to set CFLAGS et al.
13 magnus 86 
  * debian/control: Add VCS fields; bump Standards-Version to 3.9.3.
8 magnus 87 
 
13 magnus 88 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 23 Jun 2012 01:03:41 +0200
8 magnus 89 
 
6 magnus 90 
libtar (1.2.11-8) unstable; urgency=low
91 
 
92 
  * libtool.patch: Set SHELL to the configured shell in those Makefile.in
93 
    where libtool is used; otherwise libtool fails when /bin/sh is dash
94 
    but bash is expected (Closes: #621935).
95 
  * man_hyphen_minus.patch (new): Escape hyphens that should be minus
96 
    signs in man pages.
97 
  * Rename libtar as libtar0 to follow policy.
98 
 
99 
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 24 Apr 2011 21:11:52 +0200
100 
 
5 magnus 101 
libtar (1.2.11-7) unstable; urgency=low
102 
 
103 
  * New maintainer (Closes: #526618).
104 
  * Change source format to 3.0 (quilt), clean up Debian diff and split
105 
    into several patches:
106 
    * libtool.patch: Using libtool to build dynamic library;
107 
    * autoreconf.patch: Changes needed to call autoreconf (bug 511741);
108 
    * memleak.patch: Fix memory leaks;
109 
    * bad_ptrtoint.patch: Document stupidity of tartype_t in libtar.c
110 
      (bug 309945).
111 
  * Increase Debhelper compat level to 7.
112 
  * Use dh_autoreconf to avoid having to keep track of files to clean.
113 
  * memleak2.patch (new): Applied instead of memleak.patch. Fix memory
114 
    leak by making th_get_pathname() return a pointer to a static buffer
115 
    instead of a pointer to a copy of a local buffer (LP: #41804).
116 
  * Add homepage field and watch file (in case there is ever a new
117 
    upstream release).
118 
  * Upgrade to Standards-Version 3.9.1.
119 
 
120 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 26 Mar 2011 23:10:25 +0100
121 
 
3 magnus 122 
libtar (1.2.11-6) unstable; urgency=low
123 
 
124 
  * Fix autotools usage (Closes: #511741)
125 
 
126 
 -- Julien Danjou <acid@debian.org>  Sat, 02 May 2009 11:33:06 +0200
127 
 
128 
libtar (1.2.11-5) unstable; urgency=low
129 
 
130 
  * New maintainer (Closes: #465889)
131 
  * Add missing binary-indep target in debian/rules (Closes: #395714)
132 
  * Use ${binary:Version} instead of Source-Version
133 
  * Bump standard version
134 
  * Switch to debhelper 5
135 
 
136 
 -- Julien Danjou <acid@debian.org>  Wed, 02 Apr 2008 07:06:55 +0200
137 
 
138 
libtar (1.2.11-4) unstable; urgency=low
139 
 
140 
  * Always include the newest libtool.m4.  (Closes: #313612)
141 
 
142 
 -- James Morrison <phython@debian.org>  Sun, 28 Aug 2005 09:41:47 -0700
143 
 
144 
libtar (1.2.11-3) unstable; urgency=low
145 
 
146 
  * Document stupidity of tartype_t in libtar.c.  (Closes: #309945)
147 
 
148 
 -- James Morrison <phython@debian.org>  Sat, 11 Jun 2005 18:23:15 -0400
149 
 
150 
libtar (1.2.11-2) unstable; urgency=low
151 
 
152 
  * Move libtar-dev to libdevel. (Closes: #188207)
153 
  * Fix potential memory leak.
154 
 
155 
 -- James Morrison <phython@debian.org>  Sun, 25 Jul 2004 12:59:08 -0700
156 
 
157 
libtar (1.2.11-1) unstable; urgency=low
158 
 
159 
  * New Upstream release.
160 
 
161 
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:19 -0500
162 
 
163 
libtar (1.2.10-1) unstable; urgency=low
164 
 
165 
  * New Upstream release.
166 
     (Closes: #166602) New upstream uses autoconf 2.5x
167 
  * Remove dependency on automake.  Hopefully upstream will except this
168 
    use of libtool.
169 
  * Remove all -static and -shared targets from debian/rules.
170 
  * Use dh_install instead of dh_movefiles.
171 
  * -
172 
 
173 
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:16 -0500
174 
 
175 
libtar (1.2.5-4) unstable; urgency=low
176 
 
177 
  * New maintainer. (Closes: #154597)
178 
  * WSG_ENCAP is now defined.  (Closes: #147764)
179 
  * libtar-dev depends on libc-dev instead of libc6-dev.
180 
 
181 
 -- James Morrison <phython@debian.org>  Wed, 14 Aug 2002 23:44:16 -0400
182 
 
183 
libtar (1.2.5-3) unstable; urgency=low
184 
 
185 
  * Modify build commands to acomadate change in autoconf (Closes #147764)
186 
 
187 
 -- Glenn McGrath <bug1@debian.org>  Thu, 23 May 2002 01:06:16 +1000
188 
 
189 
libtar (1.2.5-2) unstable; urgency=low
190 
 
191 
  * Fix build problem (Closes #135360)
192 
 
193 
 -- Glenn McGrath <bug1@debian.org>  Sun, 24 Feb 2002 06:29:31 +1100
194 
 
195 
libtar (1.2.5-1) unstable; urgency=low
196 
 
197 
  * New upstream version
198 
  * Change section of libtar-dev to devel and libtar to libs
199 
 
200 
 -- Glenn McGrath <bug1@debian.org>  Fri, 22 Feb 2002 04:23:15 +1100
201 
 
202 
libtar (1.2.4-2) unstable; urgency=low
203 
 
204 
  * Change section from devel to libs
205 
 
206 
 -- Glenn McGrath <bug1@debian.org>  Sat,  2 Feb 2002 12:12:32 +1100
207 
 
208 
libtar (1.2.4-1) unstable; urgency=low
209 
 
210 
  * Initial Release. (closes #128042)
211 
 
212 
 -- Glenn McGrath <bug1@debian.org>  Sat,  5 Jan 2002 13:24:37 +1100
213