Change log for cpio package in Debian
1 → 46 of 46 results | First • Previous • Next • Last |
Published in sid-release |
cpio (2.15+dfsg-1) unstable; urgency=medium * New upstream release Noteworthy changes in this release: - Fix operation of --no-absolute-filenames --make-directories - Restore access and modification times of symlinks in copy-in and copy-pass modes. * Update debian/watch * Move files to /usr Patch by Helmut Grohne <email address hidden> Closes: #1059756 -- Anibal Monsalve Salazar <email address hidden> Mon, 15 Jan 2024 20:38:45 +1100
Available diffs
- diff from 2.14+dfsg-1 to 2.15+dfsg-1 (412.9 KiB)
Superseded in sid-release |
cpio (2.14+dfsg-1) unstable; urgency=medium * New upstream release Closes: #1049402 Noteworthy changes in this release: - New option --ignore-dirnlink Valid in copy-out mode, it instructs cpio to ignore the actual number of links reported for each directory member and always store 2 instead. - Changes in --reproducible option The --reproducible option implies --ignore-dirlink. In other words, it is equivalent to --ignore-devno --ignore-dirnlink --renumber-inodes. - Use GNU ls algorithm for deciding timestamp format in -tv mode - Bugfixes - Fix cpio header verification. - Fix handling of device numbers on copy out. - Fix calculation of CRC in copy-out mode. - Rewrite the fix for CVE-2015-1197. - Fix combination of --create --append --directory. - Fix appending to archives bigger than 2G. * Update uploaders list Closes: #925021 * Standards-Version: 4.6.2 * Fix Path traversal vulnerability due to partial revert of fix for CVE-2015-1197 Closes: #1059163 * cpio-win32 is no longer needed Closes: #1059238 -- Anibal Monsalve Salazar <email address hidden> Fri, 22 Dec 2023 16:38:54 +1100
Available diffs
- diff from 2.13+dfsg-7.1 to 2.14+dfsg-1 (1.5 MiB)
Published in bullseye-release |
cpio (2.13+dfsg-7.1~deb11u1) bullseye; urgency=medium * Non-maintainer upload. * Rebuild for bullseye. -- Adrian Bunk <email address hidden> Sat, 30 Sep 2023 15:18:55 +0300
cpio (2.13+dfsg-7.1) unstable; urgency=medium * Non-maintainer upload. * Suggest libarchive-dev (Closes: #662718). * d/copyright: Convert to machine-readable format. * Fix CRC with new ASCII format when file > 2GB (Closes: #962188). -- Bastian Germann <email address hidden> Wed, 14 Sep 2022 21:45:55 +0200
Available diffs
- diff from 2.13+dfsg-7 to 2.13+dfsg-7.1 (2.0 KiB)
Superseded in sid-release |
cpio (2.13+dfsg-7) unstable; urgency=medium [ Salvatore Bonaccorso ] * Fix dynamic string reallocations (Closes: #992192) -- Anibal Monsalve Salazar <email address hidden> Sun, 22 Aug 2021 15:21:53 +1000
Available diffs
Superseded in sid-release |
cpio (2.13+dfsg-6) unstable; urgency=high * Fix regression of original fix for CVE-2021-38185 Add patch 992098-regression-of-orig-fix-for-CVE-2021-38185 Closes: #992098 -- Anibal Monsalve Salazar <email address hidden> Fri, 13 Aug 2021 13:06:27 +1000
Superseded in sid-release |
cpio (2.13+dfsg-5) unstable; urgency=medium * Fix CVE-2021-38185 Add patch 992045-CVE-2021-38185-rewrite-dynamic-string-support Closes: #992045 -- Anibal Monsalve Salazar <email address hidden> Wed, 11 Aug 2021 01:18:33 +1000
cpio (2.13+dfsg-4) unstable; urgency=medium * Source only upload to enable migration. Closes: #969660 -- Anibal Monsalve Salazar <email address hidden> Thu, 17 Sep 2020 21:16:18 +1000
Available diffs
- diff from 2.13+dfsg-3 to 2.13+dfsg-4 (345 bytes)
Superseded in sid-release |
cpio (2.13+dfsg-3) unstable; urgency=medium * Fix FTBFS multiple definition of 'program_name' src/global.c: Remove superfluous declaration of program_name Add patch 963304-remove-superfluous-declaration-of-program_name Closes: #963304 -- Anibal Monsalve Salazar <email address hidden> Tue, 07 Jul 2020 23:12:56 -0500
Available diffs
- diff from 2.13+dfsg-2 to 2.13+dfsg-3 (912 bytes)
Superseded in sid-release |
cpio (2.13+dfsg-2) unstable; urgency=medium * Fix a regression in handling of CVE-2015-1197 & --no-absolute-filenames by reverting part of an upstream commit. (Closes: #946267, #946469) * Add Vcs-Git and Vcs-Browser pointing to my personal Salsa repository (in lieu of anything at all). * Bump Standards-Version to 4.5.0. -- Chris Lamb <email address hidden> Sat, 01 Feb 2020 14:11:00 +0100
Available diffs
- diff from 2.13+dfsg-1 to 2.13+dfsg-2 (1.5 KiB)
Superseded in sid-release |
cpio (2.13+dfsg-1) unstable; urgency=medium * New upstream release. * Autoreconf using version 1.16.1 and update autoreconf.patch. * Update patches: - Drop patch for CVE-2016-2037; applied upstream. - Drop CVE-2015-1197.patch; now addressed upstream. - Modify doc/Makefile.am (vs. doc/Makefile.in) prior to autoreconfing vs. the generated doc/Makefile.in. - Refresh whitespace, etc. in patches via pq import/export. * debian/control: - Bump Standards-Version to 4.4.1 - Drop misleading Vcs-{Git,Browser}. - Use HTTPS Homepage URI. - Specify Rules-Requires-Root: binary-targets. -- Chris Lamb <email address hidden> Wed, 20 Nov 2019 13:33:36 -0500
Available diffs
cpio (2.12+dfsg-9) unstable; urgency=medium * Reinstate the call to update-alternatives(1) that I didnt see in the prerm script. Thanks again to Ivo De Decker. (Closes: #926698) -- Chris Lamb <email address hidden> Tue, 23 Apr 2019 16:29:37 +0100
Available diffs
- diff from 2.12+dfsg-6 to 2.12+dfsg-9 (615 bytes)
- diff from 2.12+dfsg-8 to 2.12+dfsg-9 (645 bytes)
Superseded in sid-release |
cpio (2.12+dfsg-8) unstable; urgency=medium * Drop symlink removal - it's been gone since 2001 anyway. Thanks, Ivo De Decker. (Closes: #926698) -- Chris Lamb <email address hidden> Tue, 23 Apr 2019 13:15:20 +0100
cpio (2.12+dfsg-6) unstable; urgency=medium * Upload to unstable. - Update debian/gbp.conf. * Remove empty directories under usr/share/man. * debian/control: "Priority: extra" has been replaced with "Priority: optional". -- Chris Lamb <email address hidden> Sat, 02 Dec 2017 09:27:39 +0000
Available diffs
- diff from 2.11+dfsg-6 to 2.12+dfsg-6 (1.3 MiB)
Deleted in experimental-release (Reason: None provided.) |
cpio (2.12+dfsg-5) experimental; urgency=medium * debian/rules: - Don't set dpkg-architecture variables with "=". - Don't parse the output of dpkg-parsechangelog. * Bump Standards-Version to 4.1.1. * Use HTTPS URI in debian/watch. * Drop whitespace from end of changelog. -- Chris Lamb <email address hidden> Tue, 28 Nov 2017 19:45:14 +0900
Superseded in experimental-release |
cpio (2.12+dfsg-4) experimental; urgency=medium * Add missing autoconf to Build-Depends (Closes: #855572) -- Chris Lamb <email address hidden> Fri, 10 Mar 2017 10:57:56 +0000
Superseded in experimental-release |
cpio (2.12+dfsg-3) experimental; urgency=medium * Remove rmt.8.gz. (Closes: #854584) -- Chris Lamb <email address hidden> Sat, 11 Feb 2017 22:55:11 +1300
Superseded in experimental-release |
cpio (2.12+dfsg-2) experimental; urgency=medium * Add missing autoconf to Build-Depends. -- Chris Lamb <email address hidden> Tue, 03 Jan 2017 10:32:27 +0000
Superseded in experimental-release |
cpio (2.12+dfsg-1) experimental; urgency=medium * Add myself to Uploaders. * Add debian/gbp.conf. * New upstream release. (Closes: #804063) - Refresh patches. * Add autoreconf.patch for automake-1.15. * Add fix.win32-compat.patch. * Pass --enable-mt to ./configure instead setting CPIO_MT_PROG=mt environment variable. -- Chris Lamb <email address hidden> Sun, 01 Jan 2017 11:17:41 +0000
cpio (2.11+dfsg-6) unstable; urgency=medium * Man page for "mt" describes how to "fast erase" Patch by Kees Cook Add fix.mt-erase.manpage.patch Closes: #770198 * Backport "New options to create device and inode-independent archives." from cpio 2.12 Patch by Chris Lamb Add reproducible.patch See #804063 * Standards-Version: 3.9.8 * Refresh patches -- Anibal Monsalve Salazar <email address hidden> Tue, 29 Nov 2016 12:31:53 +0000
Available diffs
Published in wheezy-release |
cpio (2.11+dfsg-0.1+deb7u2) wheezy-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2016-2037: 1-byte out-of-bounds write (Closes: #812401) -- Salvatore Bonaccorso <email address hidden> Sun, 14 Feb 2016 13:51:33 +0100
Published in jessie-release |
cpio (2.11+dfsg-4.1+deb8u1) jessie-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2016-2037: 1-byte out-of-bounds write (Closes: #812401) -- Salvatore Bonaccorso <email address hidden> Sun, 14 Feb 2016 13:42:19 +0100
cpio (2.11+dfsg-5) unstable; urgency=medium [ Salvatore Bonaccorso ] * CVE-2016-2037: 1-byte out-of-bounds write (Closes: #812401) [ Jérémy Bobbio ] * Make the package build reproducibly: - Fix mtimes before building binary packages. - Stop recording the current time when creating gzip files. - Sort file list in md5sums. Closes: #774426 [ Anibal Monsalve Salazar ] * Standards-Version: 3.9.6 -- Anibal Monsalve Salazar <email address hidden> Sun, 14 Feb 2016 12:01:51 +0000
cpio (2.11+dfsg-4.1) unstable; urgency=medium * Apply patch by Vitezslav Cizek of SuSE to fix CVE-2015-1197. Upstream is dormant or no longer existing. To restore the old behaviour use --extract-over-symlinks (Closes: #774669) This issue has been discovered by Alexander Cherepanov. -- Moritz Muehlenhoff <email address hidden> Thu, 05 Mar 2015 11:44:25 +0100
Superseded in wheezy-release |
cpio (2.11+dfsg-0.1+deb7u1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix CVE-2014-9112: out of bounds write, insufficient range checking, and null pointer dereference issues (closes: #772793). -- Michael Gilbert <email address hidden> Mon, 22 Dec 2014 22:13:01 +0000
cpio (2.11+dfsg-4) unstable; urgency=high [ Michael Gilbert <email address hidden> ] * Fix CVE-2014-9112: null pointer dereference issues. Add the following upstream patches: fd262d11.patch f6a8a2cb.patch Closes: #772793. -- Anibal Monsalve Salazar <email address hidden> Mon, 22 Dec 2014 11:42:11 +0000
Superseded in sid-release |
cpio (2.11+dfsg-2.1) unstable; urgency=high * Non-maintainer upload by the Security Team. * Fix CVE-2014-9112: out of bounds write, insufficient range checking, and null pointer dereference issues (closes: #772793). -- Michael Gilbert <email address hidden> Sun, 21 Dec 2014 21:09:44 +0000
Deleted in experimental-release (Reason: None provided.) |
cpio (2.11+dfsg-3) experimental; urgency=medium * Use default compression source options * Fix CVE-2014-9112. Add the following upstream patches: 746f3ff6.patch 54d1c42a.patch 58df4f1b.patch Closes: #772793. -- Anibal Monsalve Salazar <email address hidden> Fri, 12 Dec 2014 10:41:11 +0000
cpio (2.11+dfsg-2) unstable; urgency=medium [ Stephen Kitt ] * Build using mingw-w64 instead of mingw32. Closes: #623402. * Clean up autom4te.cache and config.guess/config.sub to allow building twice in a row. [ Anibal Monsalve Salazar ] * Standards Version is 3.9.5 * Commented out Vcs-Git and Vcs-Browser in debian/control -- Anibal Monsalve Salazar <email address hidden> Thu, 27 Mar 2014 01:49:54 +0000
cpio (2.11+dfsg-1) unstable; urgency=low * Standards Version is 3.9.4 * Remove reference to texinfo documntation in cpio man page Update debian/patches/695717-no-cpio.info.patch Closes: #695717 * Build depends on autotools-dev Autoconf update for arm64 building Drop debian/patches/autoconfupdate.patch Closes: #689612 * Update debian/watch -- Anibal Monsalve Salazar <email address hidden> Sat, 01 Jun 2013 08:54:41 +1000
cpio (2.11+dfsg-0.2) unstable; urgency=low * Non-maintainer upload. * Make cpio build with glibc 2.16 and newer, closes: 701389 * Make cpio multiarch ready before the bug gets one year old: closes: #678385 * remove dependency on install-info/dpkg since info file was dropped in #695717 * Update config.guess and config.sub for aarch64 bootstrapping -- Riku Voipio <email address hidden> Thu, 23 May 2013 09:46:11 +0300
cpio (2.11+dfsg-0.1) unstable; urgency=low * Non-maintainer upload. * Remove non DFSG-compliant doc/cpio.info and doc/cpio.texi from source. Closes: #695717 * Do not build nor ship cpio.info because of the above. -- David Prévot <email address hidden> Sat, 29 Dec 2012 22:02:30 -0400
Superseded in jessie-release |
Superseded in wheezy-release |
Superseded in sid-release |
Superseded in wheezy-release |
Superseded in sid-release |
cpio (2.11-8) unstable; urgency=low * Enable hardened build flags Patch by Moritz Muehlenhoff Closes: #654522 * Cross-building issues - Fix invalid redefinition of stat() during cross-building cpio Patch by Steve McIntyre Add 627444-invalid-redefinition-of-stat.patch - Use the strip that's provided by the cross-binutils Patch by Steve Langasek Closes: #627444 * Standards version is 3.9.3 * Fix debian-rules-missing-recommended-target -- Anibal Monsalve Salazar <email address hidden> Tue, 12 Jun 2012 20:55:53 +1000
cpio (2.11-7) unstable; urgency=low * New mantainer. Closes: #609990. * Add a 'Reporting Bugs' section to manpages. Closes: #218086. * Add a 'See Also' section to manpages mentioning cpio(5), and Add a 'Suggests: libarchive1' for cpio(5). Closes: #588020. -- Ruben Molina <email address hidden> Thu, 10 Feb 2011 23:16:52 -0500
cpio (2.11-6) unstable; urgency=low * New mantainer: adopt the package. closes: 604790 * debian/copyright: change link to GPL3 file * debian/control: add homepage field * Fix manpages section * Minor changes in postinst and prerm scripts -- Monica Ramirez Arceda <email address hidden> Thu, 02 Dec 2010 07:43:11 +0100
cpio (2.11-5) unstable; urgency=low * Bump to Standards-Version 3.9.1. * Orphan the package. -- Clint Adams <email address hidden> Sun, 14 Nov 2010 00:50:05 -0500
Published in lenny-release |
cpio (2.9-13lenny1) stable; urgency=low * Backport fix for rmt_read__ buffer overflow (CVE-2010-0624). -- Clint Adams <email address hidden> Thu, 11 Mar 2010 20:33:59 -0500
cpio (2.11-4) unstable; urgency=low * Apply patch from Didier Raboud to fix win32 output again. closes: #579533. -- Clint Adams <email address hidden> Thu, 29 Apr 2010 15:07:57 -0400
cpio (2.11-2) unstable; urgency=medium * Patch from Sven Joachim to prevent /usr/share/info/dir.gz being shipped when install-info is present in the build environment. closes: #576620. -- Clint Adams <email address hidden> Tue, 06 Apr 2010 08:18:20 -0400
cpio (2.11-1) unstable; urgency=high * New upstream version. - Fixes CVE-2010-0624: Heap-based buffer overflow in GNU Tar and GNU Cpio. * Tweak mingw build to not fail. * Update watch file to pick bzip2-compressed tarballs. * Bump to Standards-Version 3.8.4. * Switch to 3.0 (quilt) source format. -- Clint Adams <email address hidden> Thu, 11 Mar 2010 00:05:20 -0500
cpio (2.10-1) unstable; urgency=low * New upstream version. * Bump to Standards-Version 3.8.2. -- Clint Adams <email address hidden> Sat, 20 Jun 2009 11:53:36 -0400
cpio (2.9.90-3) unstable; urgency=low * Fix some variable types leading to spurious "file grew" errors for files larger than 4GB. closes: #506714. -- Clint Adams <email address hidden> Mon, 02 Mar 2009 17:32:20 -0500
cpio (2.9.90-2) unstable; urgency=low * New upstream alpha release. -- Clint Adams <email address hidden> Tue, 24 Feb 2009 13:12:16 -0500
cpio (2.9-15) unstable; urgency=medium * Apply patch from Kees Cook to return proper exit codes. closes: #514936. -- Clint Adams <email address hidden> Sat, 14 Feb 2009 13:55:42 -0500
cpio (2.9-14) unstable; urgency=low [ James Westby ] * Make sure that HAVE_GETPWNAM, HAVE_GETGRNAM, HAVE_GETPWUID and HAVE_GETGRGID are defined so that the real functions are used, rather than dummy ones. Having HAVE_GETPWNAM defined makes --owner work with user and group names again. - Also switch lib/system.h to use HAVE_GETPWUID instead of HAVE_PWUID. closes: #500264. [ Clint Adams ] * Bump to Standards-Version 3.8.0. -- Clint Adams <email address hidden> Fri, 26 Sep 2008 16:58:29 -0400
cpio (2.9-13) unstable; urgency=low * Remove pre-sarge fixup from postinst, and remove preinst entirely. -- Clint Adams <email address hidden> Thu, 03 Apr 2008 10:56:30 -0400
1 → 46 of 46 results | First • Previous • Next • Last |