[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted tar 1.14-2.4 (source i386)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 26 Dec 2007 12:19:01 +0100
Source: tar
Binary: tar
Architecture: source i386
Version: 1.14-2.4
Distribution: oldstable-security
Urgency: high
Maintainer: Bdale Garbee <bdale@gag.com>
Changed-By: Florian Weimer <fw@deneb.enyo.de>
Description: 
 tar        - GNU tar
Closes: 439335 441444
Changes: 
 tar (1.14-2.4) oldstable-security; urgency=high
 .
   * Non-maintainer upload by the security team
   * Apply patch from Dmitry V. Levin <ldv@owl.openwall.com> to avoid a
     stack-based buffer overflow while processing certain file names
     (CVE-2007-4476).  Closes: #441444.
   * Apply patch from Dmitry V. Levin to fix double-dot recognition
     in case of duplicate / (CVE-2007-4131).  Closes: #439335.
Files: 
 cbcbbd7c638de842f913ac566c3f0b0a 846 base required tar_1.14-2.4.dsc
 2675ec9acdf59ba6f0c54e5325675fcf 51869 base required tar_1.14-2.4.diff.gz
 3b1099df9c1df15768f8dc568068e02f 500822 base required tar_1.14-2.4_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBR3JTEL97/wQC1SS+AQIP4gf/SUnWTVcWn8qa8QXhlEfjct3ph2cOQRP7
/G6E9JDL7UaGavsR6O8JsBoSyl6cpwA4YCX54vZ9VA1P1NB2O/nkNFCG+rOX4zxl
WF2xl0Bj8ScPR5aSXC7KXgvhEVmF8NYzqRsfkW0NHGUNVH2BUGb1A/t2TEExPeB+
F9QXr9RoiNxwEEPcb5y46gRWZAgbbQBgdQeLUCQda9N4k1hqS1waEHuDbVA4F0bj
JUOV9rRS2Zm0lAmrUT9BwPYcQ2QjG1jhCunAl3pgERnc4ohDJ2ZrrSqmzLClVT7W
QJLL2YIOpFlIHbhNwX+jDNbQEPKirr3doO8z7im80bBf/z633H2/2A==
=7BMw
-----END PGP SIGNATURE-----


Accepted:
tar_1.14-2.4.diff.gz
  to pool/main/t/tar/tar_1.14-2.4.diff.gz
tar_1.14-2.4.dsc
  to pool/main/t/tar/tar_1.14-2.4.dsc
tar_1.14-2.4_i386.deb
  to pool/main/t/tar/tar_1.14-2.4_i386.deb


Reply to: