Accepted tar 1.14-2.4 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 26 Dec 2007 12:19:01 +0100
Source: tar
Binary: tar
Architecture: source i386
Version: 1.14-2.4
Distribution: oldstable-security
Urgency: high
Maintainer: Bdale Garbee <bdale@gag.com>
Changed-By: Florian Weimer <fw@deneb.enyo.de>
Description:
tar - GNU tar
Closes: 439335 441444
Changes:
tar (1.14-2.4) oldstable-security; urgency=high
.
* Non-maintainer upload by the security team
* Apply patch from Dmitry V. Levin <ldv@owl.openwall.com> to avoid a
stack-based buffer overflow while processing certain file names
(CVE-2007-4476). Closes: #441444.
* Apply patch from Dmitry V. Levin to fix double-dot recognition
in case of duplicate / (CVE-2007-4131). Closes: #439335.
Files:
cbcbbd7c638de842f913ac566c3f0b0a 846 base required tar_1.14-2.4.dsc
2675ec9acdf59ba6f0c54e5325675fcf 51869 base required tar_1.14-2.4.diff.gz
3b1099df9c1df15768f8dc568068e02f 500822 base required tar_1.14-2.4_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBR3JTEL97/wQC1SS+AQIP4gf/SUnWTVcWn8qa8QXhlEfjct3ph2cOQRP7
/G6E9JDL7UaGavsR6O8JsBoSyl6cpwA4YCX54vZ9VA1P1NB2O/nkNFCG+rOX4zxl
WF2xl0Bj8ScPR5aSXC7KXgvhEVmF8NYzqRsfkW0NHGUNVH2BUGb1A/t2TEExPeB+
F9QXr9RoiNxwEEPcb5y46gRWZAgbbQBgdQeLUCQda9N4k1hqS1waEHuDbVA4F0bj
JUOV9rRS2Zm0lAmrUT9BwPYcQ2QjG1jhCunAl3pgERnc4ohDJ2ZrrSqmzLClVT7W
QJLL2YIOpFlIHbhNwX+jDNbQEPKirr3doO8z7im80bBf/z633H2/2A==
=7BMw
-----END PGP SIGNATURE-----
Accepted:
tar_1.14-2.4.diff.gz
to pool/main/t/tar/tar_1.14-2.4.diff.gz
tar_1.14-2.4.dsc
to pool/main/t/tar/tar_1.14-2.4.dsc
tar_1.14-2.4_i386.deb
to pool/main/t/tar/tar_1.14-2.4_i386.deb
Reply to: