Accepted tar 1.16-2etch1 (source amd64)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 26 Dec 2007 13:30:08 +0100
Source: tar
Binary: tar
Architecture: source amd64
Version: 1.16-2etch1
Distribution: stable-security
Urgency: high
Maintainer: Bdale Garbee <bdale@gag.com>
Changed-By: Florian Weimer <fw@deneb.enyo.de>
Description:
tar - GNU tar
Closes: 439335 441444
Changes:
tar (1.16-2etch1) stable-security; urgency=high
.
* Non-maintainer upload by the security team
* Apply patch from Dmitry V. Levin <ldv@owl.openwall.com> to avoid a
stack-based buffer overflow while processing certain file names
(CVE-2007-4476). Closes: #441444.
* Apply patch from Dmitry V. Levin to fix double-dot recognition
in case of duplicate / (CVE-2007-4131). Closes: #439335.
* Update the autoconf scripts to the etch version (no functional
changes, hopefully).
Files:
c7d9d75758a04174348cd65bb7aaab16 871 utils required tar_1.16-2etch1.dsc
d971b9d6114ad0527ef89fab0d3167e0 2199571 utils required tar_1.16.orig.tar.gz
96eb9bcd2d8257893a4f530eb00c9da5 31360 utils required tar_1.16-2etch1.diff.gz
b7287060cfefae808c694a60f9cb421c 714108 utils required tar_1.16-2etch1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBR3KRfL97/wQC1SS+AQKnRgf+JPmUC5MqJLya8dlKBP4lJSd6UDivOyJF
3ojUEQ/hJB3+rC32GoaNw84MkOms12Ceoo4fBGVrmlSpsGUeIgjL2qy/c59jKOay
fCcEkqnR2LHmW7DttOT+P1VuUHtwAlOelIs02R58VgwEIFY3EWg4GqaTtYFN+IkV
0BSWyovPlcbTsrtuHUTDn/5MAcJgmi/QjnZTlBWMfwaIdAJNmsLQlqc24/qtTeZ/
FKuk2mPkVtewMJTXUjrFB8BWe/edzn+u/yo11zerAahv+vAhSBOnpH5r/p/RBP9t
aGOi7Ard2y5fh+JjAM+TOud/JbmaGBBLH/lUJnKNpexrDKotW626xw==
=7bmw
-----END PGP SIGNATURE-----
Accepted:
tar_1.16-2etch1.diff.gz
to pool/main/t/tar/tar_1.16-2etch1.diff.gz
tar_1.16-2etch1.dsc
to pool/main/t/tar/tar_1.16-2etch1.dsc
tar_1.16-2etch1_amd64.deb
to pool/main/t/tar/tar_1.16-2etch1_amd64.deb
Reply to: