Change log for libarchive package in Ubuntu
| 76 → 115 of 115 results | First • Previous • Next • Last |
libarchive (3.1.2-7ubuntu2.1) trusty-security; urgency=medium
* SECURITY UPDATE: absolute path traversal vulnerability in bsdcpio
- debian/patches/CVE-2015-2304.patch: don't allow absolute paths by
default in cpio/cpio.c, libarchive/archive.h,
libarchive/archive_write_disk_posix.c, added test to
libarchive/test/test_write_disk_secure.c, updated documentation in
cpio/bsdcpio.1, libarchive/archive_write_disk.3.
- CVE-2015-2304
-- Marc Deslauriers <email address hidden> Tue, 24 Mar 2015 12:43:54 -0400
Available diffs
| Superseded in wily-release |
| Obsolete in vivid-release |
| Deleted in vivid-proposed (Reason: moved to release) |
libarchive (3.1.2-11) unstable; urgency=medium
* Add d/p/Add-ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS-option.patch
(Closes: #778266)
-- Andreas Henriksson <email address hidden> Thu, 05 Mar 2015 14:54:43 +0100
Available diffs
- diff from 3.1.2-10 to 3.1.2-11 (2.4 KiB)
libarchive (3.1.2-10) unstable; urgency=medium
* Add d/p/Do-not-overwrite-file-size-if-the-local-file-header-.patch
- cherry-picked from upstream git commit e234932de2474c4f99787
Thanks to Maximiliano Curia (Closes: #769290)
-- Andreas Henriksson <email address hidden> Thu, 20 Nov 2014 21:10:43 +0100
Available diffs
- diff from 3.1.2-9 to 3.1.2-10 (1.0 KiB)
| Superseded in vivid-release |
| Obsolete in utopic-release |
| Deleted in utopic-proposed (Reason: moved to release) |
libarchive (3.1.2-9) unstable; urgency=medium [ Andreas Henriksson ] * Drop Andres Mejia from Uploaders by request of MIA (Closes: #743538) [ Breno Leitao ] * Use dh-autoreconf for the benefit of ppc64el (Closes: #750483) [ Andreas Henriksson ] * Bump Standards-Version to 3.9.5 -- Andreas Henriksson <email address hidden> Sun, 17 Aug 2014 10:45:27 +0200
Available diffs
| Superseded in utopic-release |
| Published in trusty-release |
| Deleted in trusty-proposed (Reason: moved to release) |
libarchive (3.1.2-7ubuntu2) trusty; urgency=medium * Build using dh-autoreconf. -- Matthias Klose <email address hidden> Sat, 14 Dec 2013 13:40:40 +0100
Available diffs
- diff from 3.1.2-7ubuntu1 to 3.1.2-7ubuntu2 (651 bytes)
libarchive (3.1.2-7ubuntu1) trusty; urgency=low
* debian/tests/minitar:
- Fix minitar dep8 test to check for application/gzip rather than
application/x-gzip
-- Michael Terry <email address hidden> Wed, 11 Dec 2013 11:36:08 -0500
Available diffs
- diff from 3.1.2-5ubuntu1 to 3.1.2-7ubuntu1 (1.9 KiB)
- diff from 3.1.2-7 (in Debian) to 3.1.2-7ubuntu1 (720 bytes)
libarchive (3.1.2-7) unstable; urgency=low * Upload to unstable. -- Andres Mejia <email address hidden> Sat, 25 May 2013 16:07:06 -0400
| Superseded in trusty-release |
| Obsolete in saucy-release |
| Obsolete in raring-release |
| Deleted in raring-proposed (Reason: moved to release) |
libarchive (3.1.2-5ubuntu1) raring; urgency=low * Drop build dependency on lrzip (universe only). LP: #1163280. * Configure with --disable-silent-rules. -- Matthias Klose <email address hidden> Thu, 04 Apr 2013 14:47:10 +0200
Available diffs
libarchive (3.1.2-5) experimental; urgency=low * Update patch to fix LZO test cases to use changes from upstream. * Update homepage field for new homepage URL. * Add upstream changes to fix building libarchive with lrzip support. -- Andres Mejia <email address hidden> Sun, 24 Feb 2013 16:44:32 -0500
Available diffs
- diff from 3.1.2-3 to 3.1.2-5 (3.1 KiB)
libarchive (3.1.2-3) experimental; urgency=low
* Update gbp.conf to point to branches used for libarchive packaging in
experimental.
* Disable LZO support, it is broken on some architectures.
-- Andres Mejia <email address hidden> Sun, 10 Feb 2013 12:43:35 -0500
Available diffs
- diff from 3.0.4-2git2 (in Ubuntu) to 3.1.2-3 (924.4 KiB)
libarchive (3.0.4-2git2) raring; urgency=low Upload current Debian packaging git to fix autopkgtest failure on i386. [ Benjamin Drung ] * Add autopkgtest (LP: #1073390). [ Martin Pitt ] * Add examples-offset-type.patch: Fix offset data type in examples. -- Martin Pitt <email address hidden> Tue, 20 Nov 2012 15:02:23 +0100
Available diffs
- diff from 3.0.4-2git1 to 3.0.4-2git2 (884 bytes)
libarchive (3.0.4-2git1) raring; urgency=low Upload current Debian packaging git. * Add autopkgtest (LP: #1073390). -- Benjamin Drung <email address hidden> Mon, 12 Nov 2012 14:17:40 +0100
Available diffs
libarchive (3.0.4-2) unstable; urgency=low
* Add debian/patches/gcc-4.7-fixes-from-upstream.patch
(Closes: #674368, #672690)
-- Andreas Henriksson <email address hidden> Thu, 24 May 2012 14:49:41 +0200
Available diffs
- diff from 3.0.4-1 to 3.0.4-2 (1.3 KiB)
libarchive (3.0.4-1) unstable; urgency=low * New upstream release. * Patches removed, applied upstream. -- Andres Mejia <email address hidden> Thu, 29 Mar 2012 09:44:15 -0400
Available diffs
- diff from 3.0.3-6ubuntu1 (in Ubuntu) to 3.0.4-1 (415.3 KiB)
libarchive (3.0.3-6ubuntu1) precise; urgency=low
* Add 03_ignore_fiemap_errors.patch: Ignore FIEMAP errors on linux < 2.6.28.
This fixes a failing test case (and thus FTBFS) when building this on a
hardy-based buildds. This can be dropped once the buildds get upgraded to
something more modern. Thanks to Savvas Radevic for the patch!
(LP: #942994)
-- Martin Pitt <email address hidden> Fri, 16 Mar 2012 10:10:24 +0100
Available diffs
libarchive (3.0.3-6) unstable; urgency=low
* Add patch to fix infinite loop in xps files (Closes: #662603)
- Thanks for the patch to Savvas Radevic!
-- Andreas Henriksson <email address hidden> Mon, 05 Mar 2012 16:23:05 +0100
Available diffs
- diff from 3.0.3-5 to 3.0.3-6 (16.6 KiB)
libarchive (3.0.3-5) unstable; urgency=low * Detect if locales or locales-all is installed for use with test suite. * Bump Standards-Version to 3.9.3. -- Andres Mejia <email address hidden> Thu, 23 Feb 2012 19:29:24 -0500
Available diffs
- diff from 2.8.5-5 to 3.0.3-5 (2.8 MiB)
libarchive (2.8.5-5) unstable; urgency=medium
* Backport fixes for fix for CVE-2011-1777 and CVE-2011-1778.
(Closes: #651844)
* Fix build failure for GNU/Hurd. (Closes: #651995)
* Regenerate autoreconf patch.
-- Andres Mejia <email address hidden> Wed, 14 Dec 2011 12:18:31 -0500
Available diffs
| Superseded in precise-release |
libarchive (2.8.5-3ubuntu1) precise; urgency=low
* SECURITY UPDATE: arbitrary code execution via iso9660 overflows
- debian/patches/CVE-2011-1777.patch: correctly fail on out of memory
conditions in libarchive/archive_read_support_format_iso9660.c.
- CVE-2011-1777
* SECURITY UPDATE: arbitrary code execution via tar overflows
- debian/patches/CVE-2011-1778.patch: correctly fail on out of memory
conditions in libarchive/archive_read_support_format_tar.c
- CVE-2011-1778
-- Marc Deslauriers <email address hidden> Fri, 09 Dec 2011 09:52:51 -0500
Available diffs
libarchive (2.8.0-2ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via iso9660 overflows
- debian/patches/CVE-2011-1777.patch: correctly fail on out of memory
conditions in libarchive/archive_read_support_format_iso9660.c.
- CVE-2011-1777
* SECURITY UPDATE: arbitrary code execution via tar overflows
- debian/patches/CVE-2011-1778.patch: correctly fail on out of memory
conditions in libarchive/archive_read_support_format_tar.c
- CVE-2011-1778
-- Marc Deslauriers <email address hidden> Fri, 09 Dec 2011 15:25:53 -0500
Available diffs
libarchive (2.8.4-1ubuntu0.10.10.1) maverick-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via iso9660 overflows
- debian/patches/CVE-2011-1777.patch: correctly fail on out of memory
conditions in libarchive/archive_read_support_format_iso9660.c.
- CVE-2011-1777
* SECURITY UPDATE: arbitrary code execution via tar overflows
- debian/patches/CVE-2011-1778.patch: correctly fail on out of memory
conditions in libarchive/archive_read_support_format_tar.c
- CVE-2011-1778
-- Marc Deslauriers <email address hidden> Fri, 09 Dec 2011 12:34:05 -0500
Available diffs
libarchive (2.8.4-1ubuntu0.11.04.1) natty-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via iso9660 overflows
- debian/patches/CVE-2011-1777.patch: correctly fail on out of memory
conditions in libarchive/archive_read_support_format_iso9660.c.
- CVE-2011-1777
* SECURITY UPDATE: arbitrary code execution via tar overflows
- debian/patches/CVE-2011-1778.patch: correctly fail on out of memory
conditions in libarchive/archive_read_support_format_tar.c
- CVE-2011-1778
-- Marc Deslauriers <email address hidden> Fri, 09 Dec 2011 15:22:52 -0500
Available diffs
libarchive (2.8.4-1ubuntu0.11.10.1) oneiric-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via iso9660 overflows
- debian/patches/CVE-2011-1777.patch: correctly fail on out of memory
conditions in libarchive/archive_read_support_format_iso9660.c.
- CVE-2011-1777
* SECURITY UPDATE: arbitrary code execution via tar overflows
- debian/patches/CVE-2011-1778.patch: correctly fail on out of memory
conditions in libarchive/archive_read_support_format_tar.c
- CVE-2011-1778
-- Marc Deslauriers <email address hidden> Fri, 09 Dec 2011 12:34:05 -0500
Available diffs
| Superseded in precise-release |
libarchive (2.8.5-3build1) precise; urgency=low * Rebuild for liblzma5. -- Colin Watson <email address hidden> Wed, 02 Nov 2011 09:05:07 -0400
Available diffs
- diff from 2.8.5-3 to 2.8.5-3build1 (351 bytes)
libarchive (2.8.5-3) unstable; urgency=low
* Fix upgrade breakage because of manpages being moved from libarchive1 to
libarchive-dev. (Closes: #641978)
* Make short descriptions for packages unique.
* Explicitly set config options to be used during builds.
Available diffs
- diff from 2.8.4-1 to 2.8.5-3 (463.5 KiB)
| Superseded in precise-release |
| Obsolete in oneiric-release |
| Obsolete in natty-release |
| Obsolete in maverick-release |
libarchive (2.8.4-1) unstable; urgency=low
* Update debian/watch for new code.google.com layout.
* update patch series:
+ added 0003-Patch-from-upstream-rev-2516.patch
- Compatibility with WinISO generated iso files (Closes: #587513)
+ added 0004-Patch-from-upstream-rev-2514.patch
+ added 0005-Patch-from-upstream-rev-2520.patch
- Enable version stripping code in iso9660/joliet (Closes: #587316)
* Imported Upstream version 2.8.4
* update-patch-series:
+ added 0006-Patch-from-upstream-rev-2521.patch
+ added 0007-Ignore-ENOSYS-error-when-sett... (Closes: #588925)
- Big thanks to Modestas Vainius for awesome debugging!
-- Bhavani Shankar <email address hidden> Tue, 20 Jul 2010 16:42:54 +0100
Available diffs
- diff from 2.8.3-1build1 to 2.8.4-1 (403.5 KiB)
| Superseded in maverick-release |
libarchive (2.8.3-1build1) maverick; urgency=low * No change rebuild for liblzma1 -> liblzma2 transition -- Scott Kitterman <email address hidden> Thu, 17 Jun 2010 12:46:42 -0400
Available diffs
- diff from 2.8.3-1 to 2.8.3-1build1 (345 bytes)
libarchive (2.8.3-1) unstable; urgency=low
* Imported Upstream version 2.8.3
* update-patch-series: 0001-Clear-archive_error_number-in-archiv...
- gvfs has been fixed since, workaround not needed anymore.
-- Ubuntu Archive Auto-Sync <email address hidden> Sun, 09 May 2010 13:53:33 +0100
Available diffs
- diff from 2.8.0-2 to 2.8.3-1 (12.9 KiB)
libarchive (2.8.0-2) unstable; urgency=low
* Clean up libarchive.la file. (Closes: #571468)
- Thanks to Sune Vuorela for suggesting this fix.
* Update patch series:
+ added two patches matching revision 1990, 1991 from upstream
regarding PATH_MAX hopefully fixing build on Hurd.
Available diffs
- diff from 2.6.2-1build1 to 2.8.0-2 (1.3 MiB)
| Superseded in lucid-release |
libarchive (2.6.2-1build1) lucid; urgency=low
* rebuild rest of main for armel armv7/thumb2 optimization;
UbuntuSpec:mobile-lucid-arm-gcc-v7-thumb2
-- Alexander Sack <email address hidden> Sat, 06 Mar 2010 13:30:47 +0100
Available diffs
- diff from 2.6.2-1 to 2.6.2-1build1 (351 bytes)
libarchive (2.6.2-1) unstable; urgency=low * New Upstream Version. Closes: #516577. * Update watch file to new homepage. Closes: #517398.
Available diffs
- diff from 2.4.17-2 to 2.6.2-1 (353.1 KiB)
libarchive (2.4.17-2) unstable; urgency=high
[ John Goerzen ]
* Ignore failures in test suite due to bugs in the testsuite that were
turning into FTBFS bugs. Closes: #474400.
* Added README.Debian documenting need for largefile suport in
sources. Mostly used suggested text found in #479728. Closes:
#479728.
[ Bernhard R. Link ]
* Added symbols file for libarchive. Closes: #476516.
-- Ubuntu Archive Auto-Sync <email address hidden> Fri, 06 Jun 2008 21:32:38 +0100
Available diffs
- diff from 2.4.17-1 to 2.4.17-2 (1.9 KiB)
libarchive (2.4.17-1) unstable; urgency=high
* New Upstream Version
* This upstream version corrected several problems with the testsuite.
Therefore, we can now run test suite after build. Closes: #473221.
* uudecode is now used as part of the build. Added build-dep on sharutils.
Fixes FTBFS. Closes: #473266.
libarchive (2.2.4-1ubuntu1) hardy; urgency=low * Call the test suite on build, and have it fail the build if it fails. -- Martin Pitt <email address hidden> Fri, 28 Mar 2008 18:46:20 +0100
libarchive (2.2.4-1) unstable; urgency=high
* New upstream version with security fixes. Closes: #432924.
Fixes: CVE-2007-3641, CVE-2007-3644, CVE-2007-3645
-- Michael Bienia <email address hidden> Fri, 20 Jul 2007 09:51:41 +0100
libarchive (2.2.3-1) unstable; urgency=low * New upstream version. -- Ubuntu Archive Auto-Sync <email address hidden> Thu, 07 Jun 2007 15:48:16 +0100
libarchive (2.0.25-3) unstable; urgency=low * SONAME should not be tied to the tarball version string (Closes: #418637) Provide libarchive.so.1 as a backwards-compatible symlink to libarchive.so.2, reverting the package name to libarchive1. Patch from Neil Williams.
libarchive (1.3.1-1) unstable; urgency=high
* New upstream release.
* Applied FreeBSD patch for potential DoS.
This is CVS-2006-5680, FreeBSD SA-06:24.
-- Ubuntu Archive Auto-Sync <email address hidden> Wed, 20 Dec 2006 12:58:21 +0000
libarchive (1.2.53-2) unstable; urgency=low * Added build-dep on bison. Closes: #374200.
libarchive (1.02.036-2) unstable; urgency=low
* Added conflict on old libarchive-doc package.
This package never existed in testing or stable, so this conflict
can be removed before long.
-- John Goerzen <email address hidden> Tue, 18 Oct 2005 11:02:06 -0500
| 76 → 115 of 115 results | First • Previous • Next • Last |
