-
tar (1.34+dfsg-1ubuntu0.1.22.04.2) jammy-security; urgency=medium
* SECURITY UPDATE: stack overflow via crafted xattr (LP: #2029464)
- debian/patches/CVE-2023-39804.patch: allocate xattr keys and values
on the heap rather than the stack in src/xheader.c
- CVE-2023-39804
-- Alex Murray <email address hidden> Tue, 05 Dec 2023 15:45:51 +1030
-
tar (1.34+dfsg-1ubuntu0.1.22.04.1) jammy-security; urgency=medium
* SECURITY UPDATE: one-byte out of bounds
- debian/patches/CVE-2022-48303.patch: check limit in
src/list.c.
- CVE-2022-48303
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 15 Feb 2023 12:45:50 -0300
-
tar (1.34+dfsg-1build3) jammy; urgency=high
* No change rebuild for ppc64el baseline bump.
-- Julian Andres Klode <email address hidden> Fri, 25 Mar 2022 10:52:14 +0100
-
tar (1.34+dfsg-1build2) impish; urgency=medium
* No-change rebuild to build packages with zstd compression.
-- Matthias Klose <email address hidden> Thu, 07 Oct 2021 12:25:16 +0200
-
tar (1.34+dfsg-1build1) hirsute; urgency=medium
* No change rebuild fixed ownership.
-- Dimitri John Ledkov <email address hidden> Thu, 25 Feb 2021 14:02:31 +0000
