Change logs for tar source package in Hoary
-
tar (1.14-2ubuntu0.1) hoary-security; urgency=low * SECURITY UPDATE: Arbitrary code execution with crafted tar files. * src/xheader.c: - Add a new function decode_num() which wraps xstrtoumax() and adds boundary and sanity checking. - Use decode_num() instead of xstrtoumax() in the code to avoid buffer overflows on excessively large field values like GNU.sparse.numblocks. - Patch taken from upstream CVS. * CVE-2006-0300 -- Martin Pitt <email address hidden> Thu, 23 Feb 2006 10:27:25 +0000
-
tar (1.14-2) unstable; urgency=low * patch from Paul Eggert that does a better job of eliminating the dependency on (buggy) valloc, closes: #234422, #248897 * patch for typo in upstream po/de.po, closes: #154511 * switch from dh_installmanpages to dh_installman -- Bdale Garbee <email address hidden> Tue, 3 Aug 2004 08:22:17 -0600