Subversion Repositories

?revision_form?Rev ?revision_input??revision_submit??revision_endform?

Rev 31 | Rev 38 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 31 Rev 33
Line 7... Line 7...
7
    up in tar_append_tree(). Also, fix a potential memory leak and trim
7
    up in tar_append_tree(). Also, fix a potential memory leak and trim
8
    the patch a bit.
8
    the patch a bit.
9
  * [SECURITY] CVE-2013-4420.patch: When the prefix field is in use, the
9
  * [SECURITY] CVE-2013-4420.patch: When the prefix field is in use, the
10
    safer_name_suffix() function should certainly be applied to the
10
    safer_name_suffix() function should certainly be applied to the
11
    combination of it and the name field, not just on the name field.
11
    combination of it and the name field, not just on the name field.
-
 
12
  * th_get_size-unsigned-int.patch: Make the th_get_size() macro cast the
-
 
13
    result from oct_to_int() to unsigned int. This is the right fix for
-
 
14
    bug #725938 on 64-bit systems, where a specially crafted tar file
-
 
15
    would not cause an integer overflow, but a memory allocation of almost
-
 
16
    16 exbibytes, which would certainly fail outright without harm.
12
17
13
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 23:21:56 +0100
18
 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 23:51:51 +0100
14
19
15
libtar (1.2.20-2) unstable; urgency=low
20
libtar (1.2.20-2) unstable; urgency=low
16
21
17
  * no_static_buffers.patch: avoid using a static buffer in
22
  * no_static_buffers.patch: avoid using a static buffer in
18
    th_get_pathname(). Taken from upstream. Needed for no_maxpathlen.patch.
23
    th_get_pathname(). Taken from upstream. Needed for no_maxpathlen.patch.