Subversion Repositories

?revision_form?Rev ?revision_input??revision_submit??revision_endform?

Rev 41 | Rev 44 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
43 magnus 1 
libtar (1.2.20-6) unstable; urgency=low
2 
 
3 
  * Drop libtar/Makefile from examples, since it makes the build
4 
    unreproducible (saves $SHELL) and isn't enough to compile libtar.c
5 
    anyway.
6 
 
7 
 -- Magnus Holmgren <holmgren@debian.org>  Mon, 01 Aug 2016 22:52:29 +0200
8 
 
38 magnus 9 
libtar (1.2.20-5) unstable; urgency=low
10 
 
11 
  * oldgnu_prefix.patch: Detect old-style GNU headers correctly (Closes:
12 
    #763119). Those appear in incremental archives and use the bytes that
13 
    the new-style headers use for the prefix field for other fields.
14 
    Thanks to Steinar H. Gunderson.
39 magnus 15 
  * testsuite.patch: Add a simple test (Closes: #737258).
41 magnus 16 
  * Bump Standards-Version to 3.9.7.
38 magnus 17 
 
41 magnus 18 
 -- Magnus Holmgren <holmgren@debian.org>  Fri, 25 Mar 2016 19:12:23 +0100
38 magnus 19 
 
36 magnus 20 
libtar (1.2.20-4) unstable; urgency=high
21 
 
22 
  * no_maxpathlen.patch: Half of the part of the patch modifying
23 
    compat/dirname.c was missing, causing libtar's dirname to always
24 
    return NULL (except in special circumstances). Actually make it work
25 
    (Closes: #745352). (The reason that libtar doesn't use libc's
26 
    dirname() and basename() on some or most platforms is that the code
27 
    doesn't work with destructive versions of these functions).
28 
 
29 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 03 May 2014 20:39:02 +0200
30 
 
30 magnus 31 
libtar (1.2.20-3) unstable; urgency=low
32 
 
33 
  * no_maxpathlen.patch: Fix two grave bugs in the patch. First,
34 
    th_get_pathname would only allocate as much memory as was needed for
35 
    the first filename encountered, causing heap corruption when/if
36 
    encountering longer filenames later. Second, two variables were mixed
37 
    up in tar_append_tree(). Also, fix a potential memory leak and trim
38 
    the patch a bit.
31 magnus 39 
  * [SECURITY] CVE-2013-4420.patch: When the prefix field is in use, the
40 
    safer_name_suffix() function should certainly be applied to the
41 
    combination of it and the name field, not just on the name field.
33 magnus 42 
  * th_get_size-unsigned-int.patch: Make the th_get_size() macro cast the
43 
    result from oct_to_int() to unsigned int. This is the right fix for
44 
    bug #725938 on 64-bit systems, where a specially crafted tar file
45 
    would not cause an integer overflow, but a memory allocation of almost
46 
    16 exbibytes, which would certainly fail outright without harm.
30 magnus 47 
 
33 magnus 48 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 23:51:51 +0100
30 magnus 49 
 
23 magnus 50 
libtar (1.2.20-2) unstable; urgency=low
51 
 
52 
  * no_static_buffers.patch: avoid using a static buffer in
53 
    th_get_pathname(). Taken from upstream. Needed for no_maxpathlen.patch.
29 magnus 54 
  * no_maxpathlen.patch: Fix FTBFS on Hurd by dynamically allocating path
23 magnus 55 
    names (Closes: #657116). Thanks to Svante Signell and Petter
56 
    Reinholdtsen.
24 magnus 57 
  * [SECURITY] CVE-2013-4420.patch: Strip out leading slashes and any
58 
    pathname prefix containing ".." components (Closes: #731860). This is
59 
    done in th_get_pathname() (as well as to symlink targets when
60 
    extracting symlinks), not merely when extracting files, which means
61 
    applications calling that function will not see the stored
62 
    filename. There is no way to disable this behaviour, but it can be
63 
    expected that one will be provided when the issue is solved upstream.
25 magnus 64 
  * Bump Standards-Version to 3.9.5.
23 magnus 65 
 
25 magnus 66 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 21:49:37 +0100
23 magnus 67 
 
18 magnus 68 
libtar (1.2.20-1) unstable; urgency=high
69 
 
70 
  * [SECURITY] New upstream release. Fixes CVE-2013-4397: Integer
71 
    overflow (Closes: #725938).
19 magnus 72 
  * Bump Standards-Version to 3.9.4.
18 magnus 73 
 
74 
 -- Magnus Holmgren <holmgren@debian.org>  Thu, 10 Oct 2013 19:20:49 +0200
75 
 
15 magnus 76 
libtar (1.2.19-1) unstable; urgency=low
77 
 
78 
  * New upstream release.
79 
 
80 
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 05 May 2013 17:59:29 +0200
81 
 
10 magnus 82 
libtar (1.2.16-1) unstable; urgency=low
8 magnus 83 
 
84 
  * New upstream: Chris Frey has stepped up with the consent of the
85 
    original author, Mark Roth, and published an "official unofficial" git
86 
    repo at http://repo.or.cz/w/libtar.git, which I will use for the time
87 
    being.
10 magnus 88 
  * Updated debian/watch to look for tags and corresponding snapshot
89 
    tarballs at above URL.
8 magnus 90 
  * All patches have been incorporated or (in the case of
91 
    autoreconf.patch) made obsolete upstream.
9 magnus 92 
  * debian/rules: Add build-indep and build-arch targets.
11 magnus 93 
  * Updated debian/copyright.
12 magnus 94 
  * Use dpkg-buildflags to set CFLAGS et al.
13 magnus 95 
  * debian/control: Add VCS fields; bump Standards-Version to 3.9.3.
8 magnus 96 
 
13 magnus 97 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 23 Jun 2012 01:03:41 +0200
8 magnus 98 
 
6 magnus 99 
libtar (1.2.11-8) unstable; urgency=low
100 
 
101 
  * libtool.patch: Set SHELL to the configured shell in those Makefile.in
102 
    where libtool is used; otherwise libtool fails when /bin/sh is dash
103 
    but bash is expected (Closes: #621935).
104 
  * man_hyphen_minus.patch (new): Escape hyphens that should be minus
105 
    signs in man pages.
106 
  * Rename libtar as libtar0 to follow policy.
107 
 
108 
 -- Magnus Holmgren <holmgren@debian.org>  Sun, 24 Apr 2011 21:11:52 +0200
109 
 
5 magnus 110 
libtar (1.2.11-7) unstable; urgency=low
111 
 
112 
  * New maintainer (Closes: #526618).
113 
  * Change source format to 3.0 (quilt), clean up Debian diff and split
114 
    into several patches:
115 
    * libtool.patch: Using libtool to build dynamic library;
116 
    * autoreconf.patch: Changes needed to call autoreconf (bug 511741);
117 
    * memleak.patch: Fix memory leaks;
118 
    * bad_ptrtoint.patch: Document stupidity of tartype_t in libtar.c
119 
      (bug 309945).
120 
  * Increase Debhelper compat level to 7.
121 
  * Use dh_autoreconf to avoid having to keep track of files to clean.
122 
  * memleak2.patch (new): Applied instead of memleak.patch. Fix memory
123 
    leak by making th_get_pathname() return a pointer to a static buffer
124 
    instead of a pointer to a copy of a local buffer (LP: #41804).
125 
  * Add homepage field and watch file (in case there is ever a new
126 
    upstream release).
127 
  * Upgrade to Standards-Version 3.9.1.
128 
 
129 
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 26 Mar 2011 23:10:25 +0100
130 
 
3 magnus 131 
libtar (1.2.11-6) unstable; urgency=low
132 
 
133 
  * Fix autotools usage (Closes: #511741)
134 
 
135 
 -- Julien Danjou <acid@debian.org>  Sat, 02 May 2009 11:33:06 +0200
136 
 
137 
libtar (1.2.11-5) unstable; urgency=low
138 
 
139 
  * New maintainer (Closes: #465889)
140 
  * Add missing binary-indep target in debian/rules (Closes: #395714)
141 
  * Use ${binary:Version} instead of Source-Version
142 
  * Bump standard version
143 
  * Switch to debhelper 5
144 
 
145 
 -- Julien Danjou <acid@debian.org>  Wed, 02 Apr 2008 07:06:55 +0200
146 
 
147 
libtar (1.2.11-4) unstable; urgency=low
148 
 
149 
  * Always include the newest libtool.m4.  (Closes: #313612)
150 
 
151 
 -- James Morrison <phython@debian.org>  Sun, 28 Aug 2005 09:41:47 -0700
152 
 
153 
libtar (1.2.11-3) unstable; urgency=low
154 
 
155 
  * Document stupidity of tartype_t in libtar.c.  (Closes: #309945)
156 
 
157 
 -- James Morrison <phython@debian.org>  Sat, 11 Jun 2005 18:23:15 -0400
158 
 
159 
libtar (1.2.11-2) unstable; urgency=low
160 
 
161 
  * Move libtar-dev to libdevel. (Closes: #188207)
162 
  * Fix potential memory leak.
163 
 
164 
 -- James Morrison <phython@debian.org>  Sun, 25 Jul 2004 12:59:08 -0700
165 
 
166 
libtar (1.2.11-1) unstable; urgency=low
167 
 
168 
  * New Upstream release.
169 
 
170 
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:19 -0500
171 
 
172 
libtar (1.2.10-1) unstable; urgency=low
173 
 
174 
  * New Upstream release.
175 
     (Closes: #166602) New upstream uses autoconf 2.5x
176 
  * Remove dependency on automake.  Hopefully upstream will except this
177 
    use of libtool.
178 
  * Remove all -static and -shared targets from debian/rules.
179 
  * Use dh_install instead of dh_movefiles.
180 
  * -
181 
 
182 
 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:16 -0500
183 
 
184 
libtar (1.2.5-4) unstable; urgency=low
185 
 
186 
  * New maintainer. (Closes: #154597)
187 
  * WSG_ENCAP is now defined.  (Closes: #147764)
188 
  * libtar-dev depends on libc-dev instead of libc6-dev.
189 
 
190 
 -- James Morrison <phython@debian.org>  Wed, 14 Aug 2002 23:44:16 -0400
191 
 
192 
libtar (1.2.5-3) unstable; urgency=low
193 
 
194 
  * Modify build commands to acomadate change in autoconf (Closes #147764)
195 
 
196 
 -- Glenn McGrath <bug1@debian.org>  Thu, 23 May 2002 01:06:16 +1000
197 
 
198 
libtar (1.2.5-2) unstable; urgency=low
199 
 
200 
  * Fix build problem (Closes #135360)
201 
 
202 
 -- Glenn McGrath <bug1@debian.org>  Sun, 24 Feb 2002 06:29:31 +1100
203 
 
204 
libtar (1.2.5-1) unstable; urgency=low
205 
 
206 
  * New upstream version
207 
  * Change section of libtar-dev to devel and libtar to libs
208 
 
209 
 -- Glenn McGrath <bug1@debian.org>  Fri, 22 Feb 2002 04:23:15 +1100
210 
 
211 
libtar (1.2.4-2) unstable; urgency=low
212 
 
213 
  * Change section from devel to libs
214 
 
215 
 -- Glenn McGrath <bug1@debian.org>  Sat,  2 Feb 2002 12:12:32 +1100
216 
 
217 
libtar (1.2.4-1) unstable; urgency=low
218 
 
219 
  * Initial Release. (closes #128042)
220 
 
221 
 -- Glenn McGrath <bug1@debian.org>  Sat,  5 Jan 2002 13:24:37 +1100
222