Ubuntu
tar package

Change log for tar package in Ubuntu

150 of 99 results FirstPreviousLast
Published in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
tar (1.34+dfsg-1.2ubuntu1) mantic; urgency=medium

  * SECURITY UPDATE: one-byte out of bounds
    - debian/patches/CVE-2022-48303.patch: check limit in
      src/list.c.
    - CVE-2022-48303

 -- Leonidas Da Silva Barbosa <email address hidden>  Fri, 02 Jun 2023 10:49:54 -0300
Published in lunar-updates
Published in lunar-security 
tar (1.34+dfsg-1.2ubuntu0.1) lunar-security; urgency=medium

  * SECURITY UPDATE: one-byte out of bounds
    - debian/patches/CVE-2022-48303.patch: check limit in
      src/list.c.
    - CVE-2022-48303

 -- Leonidas Da Silva Barbosa <email address hidden>  Thu, 18 May 2023 17:50:39 -0300
Superseded in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
tar (1.34+dfsg-1.2) unstable; urgency=medium

  * Non-maintainer upload.
  * Build with lfs and -D_TIME_BITS=64 on 32 bits archs (Closes: #1026204)
    Thanks to Andreas Henriksson and Helge Deller

 -- Paul Gevers <email address hidden>  Thu, 06 Apr 2023 16:25:47 +0200

Available diffs

Obsolete in kinetic-updates
Obsolete in kinetic-security 
tar (1.34+dfsg-1ubuntu0.1.22.10.1) kinetic-security; urgency=medium

  * SECURITY UPDATE: one-byte out of bounds
    - debian/patches/CVE-2022-48303.patch: check limit in
      src/list.c.
    - CVE-2022-48303

 -- Leonidas Da Silva Barbosa <email address hidden>  Thu, 09 Feb 2023 14:03:12 -0300
Published in jammy-updates
Published in jammy-security 
tar (1.34+dfsg-1ubuntu0.1.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: one-byte out of bounds
    - debian/patches/CVE-2022-48303.patch: check limit in
      src/list.c.
    - CVE-2022-48303

 -- Leonidas Da Silva Barbosa <email address hidden>  Wed, 15 Feb 2023 12:45:50 -0300
Published in bionic-updates
Published in bionic-security 
tar (1.29b-2ubuntu0.4) bionic-security; urgency=medium

  * SECURITY UPDATE: one-byte out of bounds
    - debian/patches/CVE-2022-48303.patch: check limit in
      src/list.c.
    - CVE-2022-48303

 -- Leonidas Da Silva Barbosa <email address hidden>  Wed, 15 Feb 2023 11:55:10 -0300
Published in focal-updates
Published in focal-security 
tar (1.30+dfsg-7ubuntu0.20.04.3) focal-security; urgency=medium

  * SECURITY UPDATE: one-byte out of bounds
    - debian/patches/CVE-2022-48303.patch: check limit in
      src/list.c.
    - CVE-2022-48303

 -- Leonidas Da Silva Barbosa <email address hidden>  Thu, 09 Feb 2023 14:17:35 -0300
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
tar (1.34+dfsg-1.1) unstable; urgency=medium

  * Non-maintainer upload

  [ Mechtilde ]
  * [730f266] Improved d/copyright with patch 
    from Bastian Germann <email address hidden> (Closes:  #1024084)

 -- Mechtilde Stehmann <email address hidden>  Sun, 20 Nov 2022 15:52:41 +0100
Superseded in lunar-release
Obsolete in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
tar (1.34+dfsg-1build3) jammy; urgency=high

  * No change rebuild for ppc64el baseline bump.

 -- Julian Andres Klode <email address hidden>  Fri, 25 Mar 2022 10:52:14 +0100
Superseded in focal-updates
Superseded in focal-security 
tar (1.30+dfsg-7ubuntu0.20.04.2) focal-security; urgency=medium

  * SECURITY UPDATE: Denial of service (LP: #1912091)
    - debian/patches/CVE-2021-20193.patch: in read_header method in
      src/list.c, change the return value to be the value of status
      and break the execution, jumping to free next_long_name and
      next_long_link before returning.
    - CVE-2021-20193

 -- Rodrigo Figueiredo Zaiden <email address hidden>  Tue, 15 Mar 2022 09:59:59 -0300
Superseded in bionic-updates
Superseded in bionic-security 
tar (1.29b-2ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: Denial of service (LP: #1912091)
    - debian/patches/CVE-2021-20193.patch: in read_header method in
      src/list.c, change the return value to be the value of status
      and break the execution, jumping to free next_long_name and
      next_long_link before returning.
    - CVE-2021-20193

 -- Rodrigo Figueiredo Zaiden <email address hidden>  Tue, 15 Mar 2022 09:58:06 -0300
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
Deleted in impish-proposed (Reason: Moved to jammy) 
tar (1.34+dfsg-1build2) impish; urgency=medium

  * No-change rebuild to build packages with zstd compression.

 -- Matthias Klose <email address hidden>  Thu, 07 Oct 2021 12:25:16 +0200
Superseded in jammy-release
Obsolete in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
tar (1.34+dfsg-1build1) hirsute; urgency=medium

  * No change rebuild fixed ownership.

 -- Dimitri John Ledkov <email address hidden>  Thu, 25 Feb 2021 14:02:31 +0000
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
tar (1.34+dfsg-1) unstable; urgency=medium

  * New upstream version

 -- Janos Lenart <email address hidden>  Wed, 17 Feb 2021 09:55:26 +0000
Superseded in hirsute-proposed 
tar (1.33+dfsg-1) unstable; urgency=medium

  * New upstream version
  * Removed unsafe escaping from mailcap-entry; closes: #982614
  * Fixed trailing whitespaces in debian/{changelog,control,rules}

 -- Janos Lenart <email address hidden>  Fri, 12 Feb 2021 15:15:21 +0000

Available diffs

Published in precise-updates
Published in precise-security 
tar (1.26-4ubuntu1.2) precise-security; urgency=medium

  * SECURITY UPDATE: Infinite read loop
    - debian/patches/CVE-2018-20482.patch: Add handling for short read
      condition in sparse_dump_region() of src/sparse.c.
    - CVE-2018-20482
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2019-9923.patch: Check for NULL return value from
      find_next_block in src/sparse.c.
    - CVE-2019-9923

 -- Avital Ostromich <email address hidden>  Mon, 11 Jan 2021 20:45:20 -0500
Published in xenial-updates
Published in xenial-security 
tar (1.28-2.1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Infinite read loop
    - debian/patches/Fix-CVE-2018-20482.patch: Add handling for short read
      condition in sparse_dump_region() of src/sparse.c.
    - CVE-2018-20482
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2019-9923.patch: Check for NULL return value from
      find_next_block in src/sparse.c.
    - CVE-2019-9923

 -- Avital Ostromich <email address hidden>  Wed, 16 Dec 2020 16:39:55 -0500
Obsolete in groovy-updates
Obsolete in groovy-security 
tar (1.30+dfsg-7ubuntu0.20.10.1) groovy-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2019-9923.patch: Check for NULL return value from
      find_next_block in src/sparse.c.
    - CVE-2019-9923

 -- Avital Ostromich <email address hidden>  Tue, 15 Dec 2020 20:33:30 -0500
Superseded in focal-updates
Superseded in focal-security 
tar (1.30+dfsg-7ubuntu0.20.04.1) focal-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2019-9923.patch: Check for NULL return value from
      find_next_block in src/sparse.c.
    - CVE-2019-9923

 -- Avital Ostromich <email address hidden>  Tue, 15 Dec 2020 20:38:40 -0500
Superseded in bionic-updates
Superseded in bionic-security 
tar (1.29b-2ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Infinite read loop
    - debian/patches/Fix-CVE-2018-20482.patch: Add handling for short read
      condition in sparse_dump_region() of src/sparse.c.
    - CVE-2018-20482
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2019-9923.patch: Check for NULL return value from
      find_next_block in src/sparse.c.
    - CVE-2019-9923

 -- Avital Ostromich <email address hidden>  Tue, 15 Dec 2020 20:39:17 -0500
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
tar (1.32+dfsg-1) unstable; urgency=medium

  * New upstream version; closes: #892273
  * Huge thanks to Bdale for maintaining tar since 1995; closes: #973844

 -- Janos Lenart <email address hidden>  Fri, 20 Nov 2020 09:52:51 +0000

Available diffs

Superseded in hirsute-release
Obsolete in groovy-release
Published in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
tar (1.30+dfsg-7) unstable; urgency=medium

  * remove libattr1-dev build-dep, as we no longer use it, closes: #953902

 -- Bdale Garbee <email address hidden>  Sat, 14 Mar 2020 14:24:29 -0600

Available diffs

Superseded in focal-release
Obsolete in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
tar (1.30+dfsg-6) unstable; urgency=medium

  * eliminate ancient prerm cleanup code that breaks with merged /usr, 
    and is no longer considered useful, closes: #926722

 -- Bdale Garbee <email address hidden>  Tue, 23 Apr 2019 10:05:54 -0600

Available diffs

Superseded in eoan-release
Obsolete in disco-release
Deleted in disco-proposed (Reason: moved to release) 
tar (1.30+dfsg-5) unstable; urgency=medium

  * change libexecdir in configure to /usr/sbin, closes: #760247, #919493
  * switched to upstream man pages as of 1.29b, closes: #729980, #391060
  * add references to the non-free tar-doc package, and the URL for the
    tar documentation on the FSF's web site to README.Debian, 
    closes: #711726

 -- Bdale Garbee <email address hidden>  Mon, 04 Feb 2019 10:43:28 -0700

Available diffs

Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates) 
tar (1.29b-2ubuntu0.1) bionic; urgency=medium

  * debian/patches/git_add_file.patch:
    - backport "Fix the --add-file option." upstream commit,
      thanks Martin Vogt (lp: #1809827)

 -- Sebastien Bacher <email address hidden>  Mon, 21 Jan 2019 17:38:11 +0100
Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
tar (1.30+dfsg-4) unstable; urgency=medium

  * merge NMU 
  * update standards version
  * include upstream homepage reference, closes: #888210

 -- Bdale Garbee <email address hidden>  Sat, 05 Jan 2019 16:15:25 -0700

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
tar (1.30+dfsg-3) unstable; urgency=medium

  * elide reference to non-existent section 5 page from section 1 tar manpage,
    closes: #846490
  * update README.Debian to reflect ncompress now being in main
  * remove the NEWS file since it's more than a decade since the latest content
    and the text there confuses new users
  * stop delivering the /etc/rmt script, use a symlink instead, closes: #653043
  * fold in patch for difflink.at (test number 92) that fixes kfreebsd builds,
    closes: #837351
  * apply patch to allow test suite to pass on Hurd again, closes: #910985
  * apply patch to incorporate zstd support, closes: #894065
  * apply patch to correct Italian translation, closes: #852462

 -- Bdale Garbee <email address hidden>  Fri, 16 Nov 2018 21:33:47 -1000

Available diffs

Superseded in disco-release
Obsolete in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release) 
tar (1.30+dfsg-2) unstable; urgency=medium

  * updated pristine-tar patch from Antonio Terceiro, making it possible for
    pristine-tar to ask tar to recreate pre-1.30 broken behavior so that it's
    possible to recover a tar file stored in a repo in the old, broken format.
    closes: #897653
  * patch from upstream that fixes race condition in dirrem01 and dirrem02
    tests when building on a slow machine, closes: #897591

 -- Bdale Garbee <email address hidden>  Wed, 16 May 2018 01:47:48 -0600
Superseded in cosmic-proposed 
tar (1.30+dfsg-1) unstable; urgency=medium

  * new upstream version
  * update Vcs entries for move of packaging repo to salsa.debian.org
  * add depends/conflicts tar version details to tar-scripts, closes: #865428

 -- Bdale Garbee <email address hidden>  Sun, 29 Apr 2018 12:39:42 -0600
Superseded in cosmic-release
Published in bionic-release
Obsolete in artful-release
Deleted in artful-proposed (Reason: moved to release) 
tar (1.29b-2) unstable; urgency=medium

  * add suggests tar-doc, closes: #856958
  * increase test suite verbosity and dump test results into build log on 
    make check failure for kfreebsd team
  * move primary git repo to collab-maint

 -- Bdale Garbee <email address hidden>  Fri, 21 Jul 2017 08:35:22 -0600

Available diffs

Obsolete in yakkety-updates
Obsolete in yakkety-security 
tar (1.29b-1ubuntu0.1) yakkety-security; urgency=medium

  * SECURITY UPDATE: extract pathname bypass
    - debian/patches/CVE-2016-6321.patch: skip members whose names contain
      ".." in src/extract.c.
    - CVE-2016-6321

 -- Marc Deslauriers <email address hidden>  Thu, 17 Nov 2016 11:04:09 -0500
Published in trusty-updates
Published in trusty-security 
tar (1.27.1-1ubuntu0.1) trusty-security; urgency=medium

  * SECURITY UPDATE: extract pathname bypass
    - debian/patches/CVE-2016-6321.patch: skip members whose names contain
      ".." in src/extract.c.
    - CVE-2016-6321

 -- Marc Deslauriers <email address hidden>  Thu, 17 Nov 2016 11:06:49 -0500
Superseded in xenial-updates
Superseded in xenial-security 
tar (1.28-2.1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: extract pathname bypass
    - debian/patches/CVE-2016-6321.patch: skip members whose names contain
      ".." in src/extract.c.
    - CVE-2016-6321

 -- Marc Deslauriers <email address hidden>  Thu, 17 Nov 2016 11:06:07 -0500
Superseded in precise-updates
Superseded in precise-security 
tar (1.26-4ubuntu1.1) precise-security; urgency=medium

  * SECURITY UPDATE: extract pathname bypass
    - debian/patches/CVE-2016-6321.patch: skip members whose names contain
      ".." in src/extract.c.
    - CVE-2016-6321

 -- Marc Deslauriers <email address hidden>  Thu, 17 Nov 2016 11:07:39 -0500
Superseded in artful-release
Obsolete in zesty-release
Deleted in zesty-proposed (Reason: moved to release) 
tar (1.29b-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * CVE-2016-6321: Bypassing the extract path name.
    When extracting, member names containing '..' components are skipped.
    (Closes: #842339)

 -- Salvatore Bonaccorso <email address hidden>  Sun, 30 Oct 2016 07:35:31 +0100

Available diffs

Superseded in zesty-release
Obsolete in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release) 
tar (1.29b-1) unstable; urgency=medium

  * re-constitute the 1.29 orig.tar with man pages as version 1.29b
  * re-enable parallel builds and increase build verbosity, closes: #824631
  * switch to man pages provided by upstream since 1.28, closes: #827017, 
    #391714, #473228, #524819, #711725, #720877, #766016, #779795.

 -- Bdale Garbee <email address hidden>  Fri, 22 Jul 2016 13:13:55 -0600

Available diffs

Superseded in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release) 
tar (1.29-1) unstable; urgency=medium

  * new upstream version, closes: #816072

 -- Bdale Garbee <email address hidden>  Tue, 17 May 2016 12:37:57 -0600

Available diffs

Superseded in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release) 
tar (1.28-2.2) unstable; urgency=medium

  * Non-maintainer upload.
  * debian/patches/0001-Work-around-unlinkat-bug-on-FreeBSD-and-GNU-
    Hurd.patch: upstream testsuite fixes for GNU/HURD and KFreeBSD-*
    ports.

 -- Gianfranco Costamagna <email address hidden>  Wed, 27 Apr 2016 13:13:03 +0200

Available diffs

Superseded in yakkety-release
Published in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
tar (1.28-2.1) unstable; urgency=medium

  * Non-maintainer upload.
  [ Gianfranco Costamagna ]
  * Disable silent rules, to have more verbose builds.
  * Fix missing MAKEFLAGS in $(MAKE) call, preventing parallel builds.

  [ Marc Deslauriers ]
  * debian/patches/use-sort-in-t-dir-tests.diff: upstream patch to fix
    test sort order (Closes: #803012)

 -- Gianfranco Costamagna <email address hidden>  Wed, 04 Nov 2015 10:04:22 +0100
Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
tar (1.28-2ubuntu1) xenial; urgency=medium

  * debian/patches/use-sort-in-t-dir-tests.diff: upstream patch to fix
    test sort order.

 -- Marc Deslauriers <email address hidden>  Tue, 03 Nov 2015 21:57:36 -0600
Superseded in xenial-proposed 
tar (1.28-2) unstable; urgency=low

  * patch from upstream to fix --files-from and recursive extract,
    closes: #800380

 -- Bdale Garbee <email address hidden>  Mon, 28 Sep 2015 15:39:02 -0600
Superseded in xenial-release
Obsolete in wily-release
Obsolete in vivid-release
Obsolete in utopic-release
Deleted in utopic-proposed (Reason: moved to release) 
tar (1.27.1-2) unstable; urgency=low


  * patch from David Gilman adds watch file with signature verification, 
    closes: #742351
  * patch from David Gilman fixes problem with multi-line descriptions,
    closes: #593149

 -- Bdale Garbee <email address hidden>  Sat, 22 Mar 2014 15:55:03 -0600

Available diffs

Superseded in utopic-release
Published in trusty-release
Deleted in trusty-proposed (Reason: moved to release) 
tar (1.27.1-1) unstable; urgency=low


  * new upstream version

 -- Bdale Garbee <email address hidden>  Mon, 03 Feb 2014 18:05:53 -0700

Available diffs

Superseded in trusty-release
Deleted in trusty-proposed (Reason: moved to release) 
tar (1.27-4) unstable; urgency=low


  * add ACL, XATTR, and SELinux support by augmenting build-deps so the
    configure will find the right libraries, closes: #732071

 -- Bdale Garbee <email address hidden>  Sat, 14 Dec 2013 10:05:08 -0700

Available diffs

Superseded in trusty-release
Deleted in trusty-proposed (Reason: moved to release) 
tar (1.27-3) unstable; urgency=low


  * patch from Joey Hess to allow tar to replicate 1.26 output on behalf
    of pristine-tar, closes: #728025
  * honor DEB_BUILD_OPTIONS parallel=<n>, honor dpkg-buildflags in build
    target in addition to configure target, closes: #727196
  * lower mime priority to 1 so interactive packages using the default
    priority of 5 win, closes: #727303

 -- Bdale Garbee <email address hidden>  Sun, 03 Nov 2013 09:40:31 -0700

Available diffs

Superseded in trusty-proposed 
tar (1.27-1) unstable; urgency=low


  * new upstream version
  * prefix backup and restore scripts with tar- to avoid conflicts with
    other packages like openafs-client, closes: #724064, #724240
  * move "libexec" content in tar-scripts to /usr/lib/tar, closes: #724238

 -- Bdale Garbee <email address hidden>  Tue, 15 Oct 2013 09:56:45 -0600
Superseded in trusty-release
Obsolete in saucy-release
Deleted in saucy-proposed (Reason: moved to release) 
tar (1.26+dfsg-8) unstable; urgency=low


  * cherry-pick upstream commit at Pino Toscano's suggestion to fix FTBFS
    on hurd-i386, closes: #719863

 -- Bdale Garbee <email address hidden>  Fri, 16 Aug 2013 11:37:40 +0200

Available diffs

Superseded in saucy-release
Deleted in saucy-proposed (Reason: moved to release) 
tar (1.26+dfsg-6) unstable; urgency=low


  * cherry-pick upstream commit at Paul Eggert's suggestion to address link
    extraction issue, closes: #452365

 -- Bdale Garbee <email address hidden>  Fri, 31 May 2013 12:12:35 -0600

Available diffs

Superseded in saucy-release
Obsolete in raring-release
Deleted in raring-proposed (Reason: moved to release) 
tar (1.26+dfsg-5) unstable; urgency=low


  [ Wookey ]
  * Fix included gnulib so we don't get FTBFS with eglibc-2.16, 
    closes: #693352, #701419

  [ Bdale Garbee ]
  * update mailcap entries to use %s, closes: #681302
  * include the http://www.gnu.org/software/tar/utils/tarcat script for use 
    with multi-volume archives, closes: #492036

 -- Bdale Garbee <email address hidden>  Mon, 01 Apr 2013 09:17:04 -0600
Superseded in raring-release
Deleted in raring-proposed (Reason: moved to release) 
tar (1.26+dfsg-0.1ubuntu1) raring; urgency=low

  * Resynchronise with Debian.  Remaining changes:
    - Fix build failure with glibc 2.16.
150 of 99 results FirstPreviousLast