[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted tar 1.16-2etch1 (source amd64)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 26 Dec 2007 13:30:08 +0100
Source: tar
Binary: tar
Architecture: source amd64
Version: 1.16-2etch1
Distribution: stable-security
Urgency: high
Maintainer: Bdale Garbee <bdale@gag.com>
Changed-By: Florian Weimer <fw@deneb.enyo.de>
Description: 
 tar        - GNU tar
Closes: 439335 441444
Changes: 
 tar (1.16-2etch1) stable-security; urgency=high
 .
   * Non-maintainer upload by the security team
   * Apply patch from Dmitry V. Levin <ldv@owl.openwall.com> to avoid a
     stack-based buffer overflow while processing certain file names
     (CVE-2007-4476).  Closes: #441444.
   * Apply patch from Dmitry V. Levin to fix double-dot recognition
     in case of duplicate / (CVE-2007-4131).  Closes: #439335.
   * Update the autoconf scripts to the etch version (no functional
     changes, hopefully).
Files: 
 c7d9d75758a04174348cd65bb7aaab16 871 utils required tar_1.16-2etch1.dsc
 d971b9d6114ad0527ef89fab0d3167e0 2199571 utils required tar_1.16.orig.tar.gz
 96eb9bcd2d8257893a4f530eb00c9da5 31360 utils required tar_1.16-2etch1.diff.gz
 b7287060cfefae808c694a60f9cb421c 714108 utils required tar_1.16-2etch1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBR3KRfL97/wQC1SS+AQKnRgf+JPmUC5MqJLya8dlKBP4lJSd6UDivOyJF
3ojUEQ/hJB3+rC32GoaNw84MkOms12Ceoo4fBGVrmlSpsGUeIgjL2qy/c59jKOay
fCcEkqnR2LHmW7DttOT+P1VuUHtwAlOelIs02R58VgwEIFY3EWg4GqaTtYFN+IkV
0BSWyovPlcbTsrtuHUTDn/5MAcJgmi/QjnZTlBWMfwaIdAJNmsLQlqc24/qtTeZ/
FKuk2mPkVtewMJTXUjrFB8BWe/edzn+u/yo11zerAahv+vAhSBOnpH5r/p/RBP9t
aGOi7Ard2y5fh+JjAM+TOud/JbmaGBBLH/lUJnKNpexrDKotW626xw==
=7bmw
-----END PGP SIGNATURE-----


Accepted:
tar_1.16-2etch1.diff.gz
  to pool/main/t/tar/tar_1.16-2etch1.diff.gz
tar_1.16-2etch1.dsc
  to pool/main/t/tar/tar_1.16-2etch1.dsc
tar_1.16-2etch1_amd64.deb
  to pool/main/t/tar/tar_1.16-2etch1_amd64.deb


Reply to: