Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

tar-1.30-3.6.1 RPM for aarch64

From OpenSuSE Leap 15.3 for aarch64

Name: tar Distribution: SUSE Linux Enterprise 15
Version: 1.30 Vendor: SUSE LLC <>
Release: 3.6.1 Build date: Tue Mar 16 14:58:46 2021
Group: Productivity/Archiving/Backup Build host: ibs-arm-2
Size: 522555 Source RPM: tar-1.30-3.6.1.src.rpm
Summary: GNU implementation of ((t)ape (ar)chiver)
GNU Tar is an archiver program. It is used to create and manipulate files
that are actually collections of many other files; the program provides
users with an organized and systematic method of controlling a large amount
of data. Despite its name, that is an acronym of "tape archiver", GNU Tar
is able to direct its output to any available devices, files or other programs,
it may as well access remote devices or files.






* Mon Mar 15 2021
  - security update
  - added patches
    fix CVE-2021-20193 [bsc#1181131], Memory leak in read_header() in list.c
    + tar-CVE-2021-20193.patch
* Mon Mar 25 2019
  - add tar-1.30-CVE-2018-20482.patch to fix a security issue where
    tar when "--sparse" option is used, mishandles file shrinkage
    during read access, which allows local users to cause a denial
    of service (infinite read loop in sparse_dump_region in sparse.c)
    by modifying a file that is supposed to be archived by a different
    user's process [bsc#1120610] [CVE-2018-20482]
  - add tar-1.30-CVE-2019-9923.patch to fix a security issue where
    pax_decode_header in sparse.c in tar had a NULL pointer
    dereference when parsing certain archives that have malformed
    extended headers [bsc#1130496] [CVE-2019-9923]
* Fri May 11 2018
  - add tar-1.30-tests_dirrem_race.patch to fix race in dirrem01 and
    dirrem02 tests that were passing/failing randomly because of that
  - run spec-cleaner
  - renumber patches
* Tue Apr 03 2018
  - Use %license instead of %doc [bsc#1082318]
* Thu Jan 04 2018
  - add tar-1.30-tests-difflink.patch to fix test
* Mon Dec 18 2017
  - GNU tar 1.30:
    * Member names containing '..' components are now skipped when
    * Report erroneous use of position-sensitive options.
    * --numeric-owner now affects private headers too.
    * Fixed the --delay-directory-restore option
    * The --warnings=failed-read option
    * The --warnings=none option now suppresses all warnings
    * Fix reporting of hardlink mismatches during compare
  - cleanup with spec-cleaner
  - switch all urls to https
  - drop upstreamed patches
    * add-return-values-to-backup-scripts.patch
    * tar-1.29-extract_pathname_bypass.patch
  - rebase add_readme-tests.patch
* Thu Apr 20 2017
  - remove tar-1.26-remove_O_NONBLOCK.patch as this issue was fixed
    in tar 1.27 (commit 03858cf583ce299b836d8a848967ce290a6bf303)
* Mon Apr 03 2017
  - Use update-alternatives according to current documentation
* Mon Mar 27 2017
  - Disable tar-1.26-remove_O_NONBLOCK.patch - this issue has been
    fixed in tar-1.27
  - backup-scripts subpackage change to noarch
  - Change rpm group of tar-tests to Development/Tools/Other
  - Enable rmt building, change package description
  - Switch rmt to alternatives system
  - Separate rmt subpackage - it can be used by different archiving
    tools as a dedicated program
  - Change rmt path to /usr/bin folder - it can be used by non privileged
    users for backup purposes. Security is controlled by access rights to
    the targets and remote shell.
  - Separate doc subpackage
  - Remove conditions for old SUSE builds and lang subpackage
  - Rename restore script to for avoiding file conflicts
    with dump/restore
* Thu Mar 23 2017
  - move binaries from /bin to /usr/bin [bsc#1029977]
    * refresh tar-backup-spec-fix-paths.patch to change path of the
      tar binary from TAR=/bin/tar to TAR=/usr/bin/tar
  - use spec-cleaner
* Thu Dec 15 2016
  - update tar-1.29-extract_pathname_bypass.patch to the upstream
    one that fixes POINTYFEATHER issue but it doesn't limit append or
    create operations as the initial patch did [bsc#1012633]
* Tue Nov 08 2016
  - add tar-1.29-extract_pathname_bypass.patch to fix POINTYFEATHER
    vulnerability - GNU tar archiver can be tricked into extracting
    files and directories in the given destination, regardless of the
    path name(s) specified on the command line [bsc#1007188]
* Sat May 28 2016
  - GNU tar 1.29:
    * New options: --verbatim-files-from, --no-verbatim-files-from
    * --null option reads file names verbatim
    * New options: --owner-map=FILE and --group-map=FILE
    * New option --clamp-mtime
    * Deprecated --preserve option removed
    * Sparse file detection - now uses SEEK_DATA/SEEK_HOLE on
      systems that support it. This allows for considerable speed-up
      in sparse-file detection. New option --hole-detection for
      algorithm selection.
* Wed Mar 23 2016
  - Add add-return-values-to-backup-scripts.patch
* Mon Apr 13 2015
  - Revert tar-recursive--files-from.patch because it causes regression
    (bnc#918487, bnc#919233)
* Mon Feb 09 2015
  - extract files recursively with --files-from (bnc#913058)
    * added tar-recursive--files-from.patch
  - call autoreconf in %prep
* Sun Dec 21 2014
  - build with PIE
* Thu Nov 20 2014
  - compile in ACLs, Xattr and selinux support [boo#906413]



Generated by rpm2html 1.8.1

Fabrice Bellet, Sun Jun 9 13:50:02 2024