Ubuntu
tar package

Change logs for tar source package in Hoary

  1. Hoary (5.04)
  2. Change log 
  • tar (1.14-2ubuntu0.1) hoary-security; urgency=low

  * SECURITY UPDATE: Arbitrary code execution with crafted tar files.
  * src/xheader.c:
    - Add a new function decode_num() which wraps xstrtoumax() and adds
      boundary and sanity checking.
    - Use decode_num() instead of xstrtoumax() in the code to avoid buffer
      overflows on excessively large field values like GNU.sparse.numblocks.
    - Patch taken from upstream CVS.
  * CVE-2006-0300

 -- Martin Pitt <email address hidden>   Thu, 23 Feb 2006 10:27:25 +0000
  • tar (1.14-2) unstable; urgency=low


  * patch from Paul Eggert that does a better job of eliminating the 
    dependency on (buggy) valloc, closes: #234422, #248897
  * patch for typo in upstream po/de.po, closes: #154511
  * switch from dh_installmanpages to dh_installman

 -- Bdale Garbee <email address hidden>  Tue,  3 Aug 2004 08:22:17 -0600