Format: 1.7
Date: Wed, 14 Jan 2009 09:10:49 -0600
Source: tar
Binary: tar
Architecture: sparc_translations sparc
Version: 1.15.1-2ubuntu2.3
Distribution: dapper
Urgency: low
Maintainer: Ubuntu/sparc Build Daemon <buildd@sejong.buildd>
Changed-By: Jamie Strandboge <jamie@ubuntu.com>
Description: 
 tar        - GNU tar
Changes: 
 tar (1.15.1-2ubuntu2.3) dapper-security; urgency=low
 .
   * SECURITY UPDATE: stack-based buffer overflow with malicious tar files
     - src/names.c: updated src/names.c to rewrite hash_string_prefix as
       hash_string_insert_prefix and adjust safer_name_suffix to use
       hash_string_insert_prefix to avoid stack allocation
     - patch from upstream paxlib commits:
       http://git.savannah.gnu.org/gitweb/?p=paxutils.git;a=commitdiff;h=b9199bbdefd32382953dd8c01ec881e5463c5a88
       http://git.savannah.gnu.org/gitweb/?p=paxutils.git;a=commitdiff;h=64379227940699a92113e3fd7c583e705a1f849b
     - CVE-2007-4476
     - LP: #180299
   * adjust tests/pipe.at pipe the output from `tar xfv' through sort and
     regenerate tests/testsuite with autom4ke to get tests working again (how
     did it ever successfully build before?)
Files: 
 8b1ad8790f52ca7282a76a96b6b134cc 524246 base required tar_1.15.1-2ubuntu2.3_sparc.deb
 c2de0df2ef1cab71b71ec92746dd0cc0 745568 raw-translations - tar_1.15.1-2ubuntu2.3_sparc_translations.tar.gz