-
libarchive-zip-perl (1.63-1) unstable; urgency=medium
* Import upstream version 1.63
* Drop 0001-untaint_pat-should-be-untaint_pattern.patch
-- Salvatore Bonaccorso <email address hidden> Thu, 23 Aug 2018 07:13:16 +0200
-
libarchive-zip-perl (1.62-2) unstable; urgency=medium
* Team upload.
* Add patch from upstream Git repo to fix File::Find usage.
The misspelled parameter also causes a warning which breaks other
packages' autopkgtests.
* Update years of packaging copyright.
-- gregor herrmann <email address hidden> Mon, 20 Aug 2018 21:04:48 +0200
-
libarchive-zip-perl (1.62-1) unstable; urgency=medium
[ Damyan Ivanov ]
* declare conformance with Policy 4.1.3 (no changes needed)
[ Salvatore Bonaccorso ]
* Update Vcs-* headers for switch to salsa.debian.org
* Import upstream version 1.61 and 1.62
+ Prevent from traversing symlinks and parent directories when
extracting (CVE-2018-10860) (Closes: #902882)
* Bump Debhelper compat level to 10
* Update copyright years for debian/* packaging files
* Declare compliance with Debian policy 4.2.0
-- Salvatore Bonaccorso <email address hidden> Mon, 20 Aug 2018 08:03:09 +0200
-
libarchive-zip-perl (1.60-1ubuntu1) cosmic; urgency=medium
* SECURITY UPDATE: Traversal path vulnerability
- debian/patches/CVE-2018-10860.patch: fix in
lib/Archive/Zip/Archive.pm and add test in
t/25_traversal.t and some .zip files for test.
- CVE-2018-10860
-- <email address hidden> (Leonidas S. Barbosa) Tue, 03 Jul 2018 16:39:03 -0300
-
libarchive-zip-perl (1.60-1) unstable; urgency=medium
[ Florian Schlichting ]
* Make crc32 error message unambiguous (closes: #762454)
[ Salvatore Bonaccorso ]
* Import upstream version 1.60
* Refresh fix_example_shebangs.patch patch
* Refresh patch header for bogus-error-message.patch patch
* Update copyright years for debian/* packaging files
* Set Rules-Requires-Root to no
* Declare compliance with Debian policy 4.1.2
-- Salvatore Bonaccorso <email address hidden> Wed, 20 Dec 2017 20:31:24 +0100