Subversion Repositories

?revision_form?Rev ?revision_input??revision_submit??revision_endform?

Rev 39 | Rev 43 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
38 magnus 1
libtar (1.2.20-5) unstable; urgency=low
2
 
3
  * oldgnu_prefix.patch: Detect old-style GNU headers correctly (Closes:
4
    #763119). Those appear in incremental archives and use the bytes that
5
    the new-style headers use for the prefix field for other fields.
6
    Thanks to Steinar H. Gunderson.
39 magnus 7
  * testsuite.patch: Add a simple test (Closes: #737258).
41 magnus 8
  * Bump Standards-Version to 3.9.7.
38 magnus 9
 
41 magnus 10
 -- Magnus Holmgren <holmgren@debian.org>  Fri, 25 Mar 2016 19:12:23 +0100
38 magnus 11
 
36 magnus 12
libtar (1.2.20-4) unstable; urgency=high
13
 
14
  * no_maxpathlen.patch: Half of the part of the patch modifying
15
    compat/dirname.c was missing, causing libtar's dirname to always
16
    return NULL (except in special circumstances). Actually make it work
17
    (Closes: #745352). (The reason that libtar doesn't use libc's
18
    dirname() and basename() on some or most platforms is that the code
19
    doesn't work with destructive versions of these functions).
20
 
21
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 03 May 2014 20:39:02 +0200
22
 
30 magnus 23
libtar (1.2.20-3) unstable; urgency=low
24
 
25
  * no_maxpathlen.patch: Fix two grave bugs in the patch. First,
26
    th_get_pathname would only allocate as much memory as was needed for
27
    the first filename encountered, causing heap corruption when/if
28
    encountering longer filenames later. Second, two variables were mixed
29
    up in tar_append_tree(). Also, fix a potential memory leak and trim
30
    the patch a bit.
31 magnus 31
  * [SECURITY] CVE-2013-4420.patch: When the prefix field is in use, the
32
    safer_name_suffix() function should certainly be applied to the
33
    combination of it and the name field, not just on the name field.
33 magnus 34
  * th_get_size-unsigned-int.patch: Make the th_get_size() macro cast the
35
    result from oct_to_int() to unsigned int. This is the right fix for
36
    bug #725938 on 64-bit systems, where a specially crafted tar file
37
    would not cause an integer overflow, but a memory allocation of almost
38
    16 exbibytes, which would certainly fail outright without harm.
30 magnus 39
 
33 magnus 40
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 23:51:51 +0100
30 magnus 41
 
23 magnus 42
libtar (1.2.20-2) unstable; urgency=low
43
 
44
  * no_static_buffers.patch: avoid using a static buffer in
45
    th_get_pathname(). Taken from upstream. Needed for no_maxpathlen.patch.
29 magnus 46
  * no_maxpathlen.patch: Fix FTBFS on Hurd by dynamically allocating path
23 magnus 47
    names (Closes: #657116). Thanks to Svante Signell and Petter
48
    Reinholdtsen.
24 magnus 49
  * [SECURITY] CVE-2013-4420.patch: Strip out leading slashes and any
50
    pathname prefix containing ".." components (Closes: #731860). This is
51
    done in th_get_pathname() (as well as to symlink targets when
52
    extracting symlinks), not merely when extracting files, which means
53
    applications calling that function will not see the stored
54
    filename. There is no way to disable this behaviour, but it can be
55
    expected that one will be provided when the issue is solved upstream.
25 magnus 56
  * Bump Standards-Version to 3.9.5.
23 magnus 57
 
25 magnus 58
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 21:49:37 +0100
23 magnus 59
 
18 magnus 60
libtar (1.2.20-1) unstable; urgency=high
61
 
62
  * [SECURITY] New upstream release. Fixes CVE-2013-4397: Integer
63
    overflow (Closes: #725938).
19 magnus 64
  * Bump Standards-Version to 3.9.4.
18 magnus 65
 
66
 -- Magnus Holmgren <holmgren@debian.org>  Thu, 10 Oct 2013 19:20:49 +0200
67
 
15 magnus 68
libtar (1.2.19-1) unstable; urgency=low
69
 
70
  * New upstream release.
71
 
72
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 05 May 2013 17:59:29 +0200
73
 
10 magnus 74
libtar (1.2.16-1) unstable; urgency=low
8 magnus 75
 
76
  * New upstream: Chris Frey has stepped up with the consent of the
77
    original author, Mark Roth, and published an "official unofficial" git
78
    repo at http://repo.or.cz/w/libtar.git, which I will use for the time
79
    being.
10 magnus 80
  * Updated debian/watch to look for tags and corresponding snapshot
81
    tarballs at above URL.
8 magnus 82
  * All patches have been incorporated or (in the case of
83
    autoreconf.patch) made obsolete upstream.
9 magnus 84
  * debian/rules: Add build-indep and build-arch targets.
11 magnus 85
  * Updated debian/copyright.
12 magnus 86
  * Use dpkg-buildflags to set CFLAGS et al.
13 magnus 87
  * debian/control: Add VCS fields; bump Standards-Version to 3.9.3.
8 magnus 88
 
13 magnus 89
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 23 Jun 2012 01:03:41 +0200
8 magnus 90
 
6 magnus 91
libtar (1.2.11-8) unstable; urgency=low
92
 
93
  * libtool.patch: Set SHELL to the configured shell in those Makefile.in
94
    where libtool is used; otherwise libtool fails when /bin/sh is dash
95
    but bash is expected (Closes: #621935).
96
  * man_hyphen_minus.patch (new): Escape hyphens that should be minus
97
    signs in man pages.
98
  * Rename libtar as libtar0 to follow policy.
99
 
100
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 24 Apr 2011 21:11:52 +0200
101
 
5 magnus 102
libtar (1.2.11-7) unstable; urgency=low
103
 
104
  * New maintainer (Closes: #526618).
105
  * Change source format to 3.0 (quilt), clean up Debian diff and split
106
    into several patches:
107
    * libtool.patch: Using libtool to build dynamic library;
108
    * autoreconf.patch: Changes needed to call autoreconf (bug 511741);
109
    * memleak.patch: Fix memory leaks;
110
    * bad_ptrtoint.patch: Document stupidity of tartype_t in libtar.c
111
      (bug 309945).
112
  * Increase Debhelper compat level to 7.
113
  * Use dh_autoreconf to avoid having to keep track of files to clean.
114
  * memleak2.patch (new): Applied instead of memleak.patch. Fix memory
115
    leak by making th_get_pathname() return a pointer to a static buffer
116
    instead of a pointer to a copy of a local buffer (LP: #41804).
117
  * Add homepage field and watch file (in case there is ever a new
118
    upstream release).
119
  * Upgrade to Standards-Version 3.9.1.
120
 
121
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 26 Mar 2011 23:10:25 +0100
122
 
3 magnus 123
libtar (1.2.11-6) unstable; urgency=low
124
 
125
  * Fix autotools usage (Closes: #511741)
126
 
127
 -- Julien Danjou <acid@debian.org>  Sat, 02 May 2009 11:33:06 +0200
128
 
129
libtar (1.2.11-5) unstable; urgency=low
130
 
131
  * New maintainer (Closes: #465889)
132
  * Add missing binary-indep target in debian/rules (Closes: #395714)
133
  * Use ${binary:Version} instead of Source-Version
134
  * Bump standard version
135
  * Switch to debhelper 5
136
 
137
 -- Julien Danjou <acid@debian.org>  Wed, 02 Apr 2008 07:06:55 +0200
138
 
139
libtar (1.2.11-4) unstable; urgency=low
140
 
141
  * Always include the newest libtool.m4.  (Closes: #313612)
142
 
143
 -- James Morrison <phython@debian.org>  Sun, 28 Aug 2005 09:41:47 -0700
144
 
145
libtar (1.2.11-3) unstable; urgency=low
146
 
147
  * Document stupidity of tartype_t in libtar.c.  (Closes: #309945)
148
 
149
 -- James Morrison <phython@debian.org>  Sat, 11 Jun 2005 18:23:15 -0400
150
 
151
libtar (1.2.11-2) unstable; urgency=low
152
 
153
  * Move libtar-dev to libdevel. (Closes: #188207)
154
  * Fix potential memory leak.
155
 
156
 -- James Morrison <phython@debian.org>  Sun, 25 Jul 2004 12:59:08 -0700
157
 
158
libtar (1.2.11-1) unstable; urgency=low
159
 
160
  * New Upstream release.
161
 
162
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:19 -0500
163
 
164
libtar (1.2.10-1) unstable; urgency=low
165
 
166
  * New Upstream release.
167
     (Closes: #166602) New upstream uses autoconf 2.5x
168
  * Remove dependency on automake.  Hopefully upstream will except this
169
    use of libtool.
170
  * Remove all -static and -shared targets from debian/rules.
171
  * Use dh_install instead of dh_movefiles.
172
  * -
173
 
174
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:16 -0500
175
 
176
libtar (1.2.5-4) unstable; urgency=low
177
 
178
  * New maintainer. (Closes: #154597)
179
  * WSG_ENCAP is now defined.  (Closes: #147764)
180
  * libtar-dev depends on libc-dev instead of libc6-dev.
181
 
182
 -- James Morrison <phython@debian.org>  Wed, 14 Aug 2002 23:44:16 -0400
183
 
184
libtar (1.2.5-3) unstable; urgency=low
185
 
186
  * Modify build commands to acomadate change in autoconf (Closes #147764)
187
 
188
 -- Glenn McGrath <bug1@debian.org>  Thu, 23 May 2002 01:06:16 +1000
189
 
190
libtar (1.2.5-2) unstable; urgency=low
191
 
192
  * Fix build problem (Closes #135360)
193
 
194
 -- Glenn McGrath <bug1@debian.org>  Sun, 24 Feb 2002 06:29:31 +1100
195
 
196
libtar (1.2.5-1) unstable; urgency=low
197
 
198
  * New upstream version
199
  * Change section of libtar-dev to devel and libtar to libs
200
 
201
 -- Glenn McGrath <bug1@debian.org>  Fri, 22 Feb 2002 04:23:15 +1100
202
 
203
libtar (1.2.4-2) unstable; urgency=low
204
 
205
  * Change section from devel to libs
206
 
207
 -- Glenn McGrath <bug1@debian.org>  Sat,  2 Feb 2002 12:12:32 +1100
208
 
209
libtar (1.2.4-1) unstable; urgency=low
210
 
211
  * Initial Release. (closes #128042)
212
 
213
 -- Glenn McGrath <bug1@debian.org>  Sat,  5 Jan 2002 13:24:37 +1100
214