Subversion Repositories

libtar (1.2.20-7) unstable; urgency=low

libtar (1.2.20-7) unstable; urgency=low

  * no_strip.patch: make install must not strip binaries; it breaks cross

  * no_strip.patch: make install must not strip binaries; it breaks cross

    compilation and is against policy with regard to build options.

    compilation and is against policy with regard to build options.

  * Pass --build and --host to configure as appropriate to enable cross

  * Pass --build and --host to configure as appropriate to enable cross

    compilation (Closes: #839883).

    compilation (Closes: #839883).

libtar (1.2.20-6) unstable; urgency=low

libtar (1.2.20-6) unstable; urgency=low

  * Drop libtar/Makefile from examples, since it makes the build

  * Drop libtar/Makefile from examples, since it makes the build

    unreproducible (saves $SHELL) and isn't enough to compile libtar.c

    unreproducible (saves $SHELL) and isn't enough to compile libtar.c

    anyway.

    anyway.

  * Bump Standards-Version to 3.9.8.

  * Bump Standards-Version to 3.9.8.

 -- Magnus Holmgren <holmgren@debian.org>  Mon, 01 Aug 2016 22:52:44 +0200

 -- Magnus Holmgren <holmgren@debian.org>  Mon, 01 Aug 2016 22:52:44 +0200

libtar (1.2.20-5) unstable; urgency=low

libtar (1.2.20-5) unstable; urgency=low

  * oldgnu_prefix.patch: Detect old-style GNU headers correctly (Closes:

  * oldgnu_prefix.patch: Detect old-style GNU headers correctly (Closes:

    #763119). Those appear in incremental archives and use the bytes that

    #763119). Those appear in incremental archives and use the bytes that

    the new-style headers use for the prefix field for other fields.

    the new-style headers use for the prefix field for other fields.

    Thanks to Steinar H. Gunderson.

    Thanks to Steinar H. Gunderson.

  * testsuite.patch: Add a simple test (Closes: #737258).

  * testsuite.patch: Add a simple test (Closes: #737258).

  * Bump Standards-Version to 3.9.7.

  * Bump Standards-Version to 3.9.7.

 -- Magnus Holmgren <holmgren@debian.org>  Fri, 25 Mar 2016 19:12:23 +0100

 -- Magnus Holmgren <holmgren@debian.org>  Fri, 25 Mar 2016 19:12:23 +0100

libtar (1.2.20-4) unstable; urgency=high

libtar (1.2.20-4) unstable; urgency=high

  * no_maxpathlen.patch: Half of the part of the patch modifying

  * no_maxpathlen.patch: Half of the part of the patch modifying

    compat/dirname.c was missing, causing libtar's dirname to always

    compat/dirname.c was missing, causing libtar's dirname to always

    return NULL (except in special circumstances). Actually make it work

    return NULL (except in special circumstances). Actually make it work

    (Closes: #745352). (The reason that libtar doesn't use libc's

    (Closes: #745352). (The reason that libtar doesn't use libc's

    dirname() and basename() on some or most platforms is that the code

    dirname() and basename() on some or most platforms is that the code

    doesn't work with destructive versions of these functions).

    doesn't work with destructive versions of these functions).

 -- Magnus Holmgren <holmgren@debian.org>  Sat, 03 May 2014 20:39:02 +0200

 -- Magnus Holmgren <holmgren@debian.org>  Sat, 03 May 2014 20:39:02 +0200

libtar (1.2.20-3) unstable; urgency=low

libtar (1.2.20-3) unstable; urgency=low

  * no_maxpathlen.patch: Fix two grave bugs in the patch. First,

  * no_maxpathlen.patch: Fix two grave bugs in the patch. First,

    th_get_pathname would only allocate as much memory as was needed for

    th_get_pathname would only allocate as much memory as was needed for

    the first filename encountered, causing heap corruption when/if

    the first filename encountered, causing heap corruption when/if

    encountering longer filenames later. Second, two variables were mixed

    encountering longer filenames later. Second, two variables were mixed

    up in tar_append_tree(). Also, fix a potential memory leak and trim

    up in tar_append_tree(). Also, fix a potential memory leak and trim

    the patch a bit.

    the patch a bit.

  * [SECURITY] CVE-2013-4420.patch: When the prefix field is in use, the

  * [SECURITY] CVE-2013-4420.patch: When the prefix field is in use, the

    safer_name_suffix() function should certainly be applied to the

    safer_name_suffix() function should certainly be applied to the

    combination of it and the name field, not just on the name field.

    combination of it and the name field, not just on the name field.

  * th_get_size-unsigned-int.patch: Make the th_get_size() macro cast the

  * th_get_size-unsigned-int.patch: Make the th_get_size() macro cast the

    result from oct_to_int() to unsigned int. This is the right fix for

    result from oct_to_int() to unsigned int. This is the right fix for

    bug #725938 on 64-bit systems, where a specially crafted tar file

    bug #725938 on 64-bit systems, where a specially crafted tar file

    would not cause an integer overflow, but a memory allocation of almost

    would not cause an integer overflow, but a memory allocation of almost

    16 exbibytes, which would certainly fail outright without harm.

    16 exbibytes, which would certainly fail outright without harm.

 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 23:51:51 +0100

 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 23:51:51 +0100

libtar (1.2.20-2) unstable; urgency=low

libtar (1.2.20-2) unstable; urgency=low

  * no_static_buffers.patch: avoid using a static buffer in

  * no_static_buffers.patch: avoid using a static buffer in

    th_get_pathname(). Taken from upstream. Needed for no_maxpathlen.patch.

    th_get_pathname(). Taken from upstream. Needed for no_maxpathlen.patch.

  * no_maxpathlen.patch: Fix FTBFS on Hurd by dynamically allocating path

  * no_maxpathlen.patch: Fix FTBFS on Hurd by dynamically allocating path

    names (Closes: #657116). Thanks to Svante Signell and Petter

    names (Closes: #657116). Thanks to Svante Signell and Petter

    Reinholdtsen.

    Reinholdtsen.

  * [SECURITY] CVE-2013-4420.patch: Strip out leading slashes and any

  * [SECURITY] CVE-2013-4420.patch: Strip out leading slashes and any

    pathname prefix containing ".." components (Closes: #731860). This is

    pathname prefix containing ".." components (Closes: #731860). This is

    done in th_get_pathname() (as well as to symlink targets when

    done in th_get_pathname() (as well as to symlink targets when

    extracting symlinks), not merely when extracting files, which means

    extracting symlinks), not merely when extracting files, which means

    applications calling that function will not see the stored

    applications calling that function will not see the stored

    filename. There is no way to disable this behaviour, but it can be

    filename. There is no way to disable this behaviour, but it can be

    expected that one will be provided when the issue is solved upstream.

    expected that one will be provided when the issue is solved upstream.

  * Bump Standards-Version to 3.9.5.

  * Bump Standards-Version to 3.9.5.

 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 21:49:37 +0100

 -- Magnus Holmgren <holmgren@debian.org>  Sat, 15 Feb 2014 21:49:37 +0100

libtar (1.2.20-1) unstable; urgency=high

libtar (1.2.20-1) unstable; urgency=high

  * [SECURITY] New upstream release. Fixes CVE-2013-4397: Integer

  * [SECURITY] New upstream release. Fixes CVE-2013-4397: Integer

    overflow (Closes: #725938).

    overflow (Closes: #725938).

  * Bump Standards-Version to 3.9.4.

  * Bump Standards-Version to 3.9.4.

 -- Magnus Holmgren <holmgren@debian.org>  Thu, 10 Oct 2013 19:20:49 +0200

 -- Magnus Holmgren <holmgren@debian.org>  Thu, 10 Oct 2013 19:20:49 +0200

libtar (1.2.19-1) unstable; urgency=low

libtar (1.2.19-1) unstable; urgency=low

  * New upstream release.

  * New upstream release.

 -- Magnus Holmgren <holmgren@debian.org>  Sun, 05 May 2013 17:59:29 +0200

 -- Magnus Holmgren <holmgren@debian.org>  Sun, 05 May 2013 17:59:29 +0200

libtar (1.2.16-1) unstable; urgency=low

libtar (1.2.16-1) unstable; urgency=low

  * New upstream: Chris Frey has stepped up with the consent of the

  * New upstream: Chris Frey has stepped up with the consent of the

    original author, Mark Roth, and published an "official unofficial" git

    original author, Mark Roth, and published an "official unofficial" git

    repo at http://repo.or.cz/w/libtar.git, which I will use for the time

    repo at http://repo.or.cz/w/libtar.git, which I will use for the time

    being.

    being.

  * Updated debian/watch to look for tags and corresponding snapshot

  * Updated debian/watch to look for tags and corresponding snapshot

    tarballs at above URL.

    tarballs at above URL.

  * All patches have been incorporated or (in the case of

  * All patches have been incorporated or (in the case of

    autoreconf.patch) made obsolete upstream.

    autoreconf.patch) made obsolete upstream.

  * debian/rules: Add build-indep and build-arch targets.

  * debian/rules: Add build-indep and build-arch targets.

  * Updated debian/copyright.

  * Updated debian/copyright.

  * Use dpkg-buildflags to set CFLAGS et al.

  * Use dpkg-buildflags to set CFLAGS et al.

  * debian/control: Add VCS fields; bump Standards-Version to 3.9.3.

  * debian/control: Add VCS fields; bump Standards-Version to 3.9.3.

 -- Magnus Holmgren <holmgren@debian.org>  Sat, 23 Jun 2012 01:03:41 +0200

 -- Magnus Holmgren <holmgren@debian.org>  Sat, 23 Jun 2012 01:03:41 +0200

libtar (1.2.11-8) unstable; urgency=low

libtar (1.2.11-8) unstable; urgency=low

  * libtool.patch: Set SHELL to the configured shell in those Makefile.in

  * libtool.patch: Set SHELL to the configured shell in those Makefile.in

    where libtool is used; otherwise libtool fails when /bin/sh is dash

    where libtool is used; otherwise libtool fails when /bin/sh is dash

    but bash is expected (Closes: #621935).

    but bash is expected (Closes: #621935).

  * man_hyphen_minus.patch (new): Escape hyphens that should be minus

  * man_hyphen_minus.patch (new): Escape hyphens that should be minus

    signs in man pages.

    signs in man pages.

  * Rename libtar as libtar0 to follow policy.

  * Rename libtar as libtar0 to follow policy.

 -- Magnus Holmgren <holmgren@debian.org>  Sun, 24 Apr 2011 21:11:52 +0200

 -- Magnus Holmgren <holmgren@debian.org>  Sun, 24 Apr 2011 21:11:52 +0200

libtar (1.2.11-7) unstable; urgency=low

libtar (1.2.11-7) unstable; urgency=low

  * New maintainer (Closes: #526618).

  * New maintainer (Closes: #526618).

  * Change source format to 3.0 (quilt), clean up Debian diff and split

  * Change source format to 3.0 (quilt), clean up Debian diff and split

    into several patches:

    into several patches:

    * libtool.patch: Using libtool to build dynamic library;

    * libtool.patch: Using libtool to build dynamic library;

    * autoreconf.patch: Changes needed to call autoreconf (bug 511741);

    * autoreconf.patch: Changes needed to call autoreconf (bug 511741);

    * memleak.patch: Fix memory leaks;

    * memleak.patch: Fix memory leaks;

    * bad_ptrtoint.patch: Document stupidity of tartype_t in libtar.c 

    * bad_ptrtoint.patch: Document stupidity of tartype_t in libtar.c 

      (bug 309945).

      (bug 309945).

  * Increase Debhelper compat level to 7.

  * Increase Debhelper compat level to 7.

  * Use dh_autoreconf to avoid having to keep track of files to clean.

  * Use dh_autoreconf to avoid having to keep track of files to clean.

  * memleak2.patch (new): Applied instead of memleak.patch. Fix memory

  * memleak2.patch (new): Applied instead of memleak.patch. Fix memory

    leak by making th_get_pathname() return a pointer to a static buffer

    leak by making th_get_pathname() return a pointer to a static buffer

    instead of a pointer to a copy of a local buffer (LP: #41804).

    instead of a pointer to a copy of a local buffer (LP: #41804).

  * Add homepage field and watch file (in case there is ever a new

  * Add homepage field and watch file (in case there is ever a new

    upstream release).

    upstream release).

  * Upgrade to Standards-Version 3.9.1.

  * Upgrade to Standards-Version 3.9.1.

 -- Magnus Holmgren <holmgren@debian.org>  Sat, 26 Mar 2011 23:10:25 +0100

 -- Magnus Holmgren <holmgren@debian.org>  Sat, 26 Mar 2011 23:10:25 +0100

libtar (1.2.11-6) unstable; urgency=low

libtar (1.2.11-6) unstable; urgency=low

  * Fix autotools usage (Closes: #511741)

  * Fix autotools usage (Closes: #511741)

 -- Julien Danjou <acid@debian.org>  Sat, 02 May 2009 11:33:06 +0200

 -- Julien Danjou <acid@debian.org>  Sat, 02 May 2009 11:33:06 +0200

libtar (1.2.11-5) unstable; urgency=low

libtar (1.2.11-5) unstable; urgency=low

  * New maintainer (Closes: #465889)

  * New maintainer (Closes: #465889)

  * Add missing binary-indep target in debian/rules (Closes: #395714)

  * Add missing binary-indep target in debian/rules (Closes: #395714)

  * Use ${binary:Version} instead of Source-Version

  * Use ${binary:Version} instead of Source-Version

  * Bump standard version

  * Bump standard version

  * Switch to debhelper 5

  * Switch to debhelper 5

 -- Julien Danjou <acid@debian.org>  Wed, 02 Apr 2008 07:06:55 +0200

 -- Julien Danjou <acid@debian.org>  Wed, 02 Apr 2008 07:06:55 +0200

libtar (1.2.11-4) unstable; urgency=low

libtar (1.2.11-4) unstable; urgency=low

  * Always include the newest libtool.m4.  (Closes: #313612)

  * Always include the newest libtool.m4.  (Closes: #313612)

 -- James Morrison <phython@debian.org>  Sun, 28 Aug 2005 09:41:47 -0700

 -- James Morrison <phython@debian.org>  Sun, 28 Aug 2005 09:41:47 -0700

libtar (1.2.11-3) unstable; urgency=low

libtar (1.2.11-3) unstable; urgency=low

  * Document stupidity of tartype_t in libtar.c.  (Closes: #309945)

  * Document stupidity of tartype_t in libtar.c.  (Closes: #309945)

 -- James Morrison <phython@debian.org>  Sat, 11 Jun 2005 18:23:15 -0400

 -- James Morrison <phython@debian.org>  Sat, 11 Jun 2005 18:23:15 -0400

libtar (1.2.11-2) unstable; urgency=low

libtar (1.2.11-2) unstable; urgency=low

  * Move libtar-dev to libdevel. (Closes: #188207)

  * Move libtar-dev to libdevel. (Closes: #188207)

  * Fix potential memory leak.

  * Fix potential memory leak.

 -- James Morrison <phython@debian.org>  Sun, 25 Jul 2004 12:59:08 -0700

 -- James Morrison <phython@debian.org>  Sun, 25 Jul 2004 12:59:08 -0700

libtar (1.2.11-1) unstable; urgency=low

libtar (1.2.11-1) unstable; urgency=low

  * New Upstream release.

  * New Upstream release.

 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:19 -0500

 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:19 -0500

libtar (1.2.10-1) unstable; urgency=low

libtar (1.2.10-1) unstable; urgency=low

  * New Upstream release.

  * New Upstream release.

     (Closes: #166602) New upstream uses autoconf 2.5x

     (Closes: #166602) New upstream uses autoconf 2.5x

  * Remove dependency on automake.  Hopefully upstream will except this

  * Remove dependency on automake.  Hopefully upstream will except this

    use of libtool.

    use of libtool.

  * Remove all -static and -shared targets from debian/rules.

  * Remove all -static and -shared targets from debian/rules.

  * Use dh_install instead of dh_movefiles.

  * Use dh_install instead of dh_movefiles.

  * -

  * -

 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:16 -0500

 -- James Morrison <phython@debian.org>  Sat,  5 Apr 2003 14:03:16 -0500

libtar (1.2.5-4) unstable; urgency=low

libtar (1.2.5-4) unstable; urgency=low

  * New maintainer. (Closes: #154597)

  * New maintainer. (Closes: #154597)

  * WSG_ENCAP is now defined.  (Closes: #147764)

  * WSG_ENCAP is now defined.  (Closes: #147764)

  * libtar-dev depends on libc-dev instead of libc6-dev. 

  * libtar-dev depends on libc-dev instead of libc6-dev. 

 -- James Morrison <phython@debian.org>  Wed, 14 Aug 2002 23:44:16 -0400

 -- James Morrison <phython@debian.org>  Wed, 14 Aug 2002 23:44:16 -0400

libtar (1.2.5-3) unstable; urgency=low

libtar (1.2.5-3) unstable; urgency=low

  * Modify build commands to acomadate change in autoconf (Closes #147764)

  * Modify build commands to acomadate change in autoconf (Closes #147764)

 -- Glenn McGrath <bug1@debian.org>  Thu, 23 May 2002 01:06:16 +1000

 -- Glenn McGrath <bug1@debian.org>  Thu, 23 May 2002 01:06:16 +1000

libtar (1.2.5-2) unstable; urgency=low

libtar (1.2.5-2) unstable; urgency=low

  * Fix build problem (Closes #135360)

  * Fix build problem (Closes #135360)

 -- Glenn McGrath <bug1@debian.org>  Sun, 24 Feb 2002 06:29:31 +1100

 -- Glenn McGrath <bug1@debian.org>  Sun, 24 Feb 2002 06:29:31 +1100

libtar (1.2.5-1) unstable; urgency=low

libtar (1.2.5-1) unstable; urgency=low

  * New upstream version

  * New upstream version

  * Change section of libtar-dev to devel and libtar to libs

  * Change section of libtar-dev to devel and libtar to libs

 -- Glenn McGrath <bug1@debian.org>  Fri, 22 Feb 2002 04:23:15 +1100

 -- Glenn McGrath <bug1@debian.org>  Fri, 22 Feb 2002 04:23:15 +1100

libtar (1.2.4-2) unstable; urgency=low

libtar (1.2.4-2) unstable; urgency=low

  * Change section from devel to libs 

  * Change section from devel to libs 

 -- Glenn McGrath <bug1@debian.org>  Sat,  2 Feb 2002 12:12:32 +1100

 -- Glenn McGrath <bug1@debian.org>  Sat,  2 Feb 2002 12:12:32 +1100

libtar (1.2.4-1) unstable; urgency=low

libtar (1.2.4-1) unstable; urgency=low

  * Initial Release. (closes #128042)

  * Initial Release. (closes #128042)

 -- Glenn McGrath <bug1@debian.org>  Sat,  5 Jan 2002 13:24:37 +1100

 -- Glenn McGrath <bug1@debian.org>  Sat,  5 Jan 2002 13:24:37 +1100