Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

tar-rmt-1.30-lp152.3.2 RPM for aarch64

From OpenSuSE Ports Leap 15.2 for aarch64

Name: tar-rmt Distribution: openSUSE Leap 15.2
Version: 1.30 Vendor: openSUSE
Release: lp152.3.2 Build date: Thu Nov 7 21:08:04 2019
Group: Productivity/Archiving/Backup Build host: obs-arm-3
Size: 70895 Source RPM: tar-1.30-lp152.3.2.src.rpm
Packager: https://bugs.opensuse.org
Url: https://www.gnu.org/software/tar/
Summary: Remote tape drive control server by GNU
Provides remote access to files and devices for tar, cpio
and similar backup utilities

Provides

Requires

License

GPL-3.0-or-later

Changelog

* Mon Mar 25 2019 Kristýna Streitová <kstreitova@suse.com>
  - add tar-1.30-CVE-2018-20482.patch to fix a security issue where
    tar when "--sparse" option is used, mishandles file shrinkage
    during read access, which allows local users to cause a denial
    of service (infinite read loop in sparse_dump_region in sparse.c)
    by modifying a file that is supposed to be archived by a different
    user's process [bsc#1120610] [CVE-2018-20482]
  - add tar-1.30-CVE-2019-9923.patch to fix a security issue where
    pax_decode_header in sparse.c in tar had a NULL pointer
    dereference when parsing certain archives that have malformed
    extended headers [bsc#1130496] [CVE-2019-9923]
* Fri May 11 2018 kstreitova@suse.com
  - add tar-1.30-tests_dirrem_race.patch to fix race in dirrem01 and
    dirrem02 tests that were passing/failing randomly because of that
  - run spec-cleaner
  - renumber patches
* Tue Apr 03 2018 kukuk@suse.de
  - Use %license instead of %doc [bsc#1082318]
* Thu Jan 04 2018 kstreitova@suse.com
  - add tar-1.30-tests-difflink.patch to fix difflink.at test
    (https://www.mail-archive.com/bug-tar@gnu.org/msg05440.html)
* Mon Dec 18 2017 avindra@opensuse.org
  - GNU tar 1.30:
    * Member names containing '..' components are now skipped when
      extracting.
    * Report erroneous use of position-sensitive options.
    * --numeric-owner now affects private headers too.
    * Fixed the --delay-directory-restore option
    * The --warnings=failed-read option
    * The --warnings=none option now suppresses all warnings
    * Fix reporting of hardlink mismatches during compare
  - cleanup with spec-cleaner
  - switch all urls to https
  - drop upstreamed patches
    * add-return-values-to-backup-scripts.patch
    * tar-1.29-extract_pathname_bypass.patch
  - rebase add_readme-tests.patch
* Thu Apr 20 2017 kstreitova@suse.com
  - remove tar-1.26-remove_O_NONBLOCK.patch as this issue was fixed
    in tar 1.27 (commit 03858cf583ce299b836d8a848967ce290a6bf303)
* Mon Apr 03 2017 svalx@svalx.net
  - Use update-alternatives according to current documentation
* Mon Mar 27 2017 svalx@svalx.net
  - Disable tar-1.26-remove_O_NONBLOCK.patch - this issue has been
    fixed in tar-1.27
  - backup-scripts subpackage change to noarch
  - Change rpm group of tar-tests to Development/Tools/Other
  - Enable rmt building, change package description
  - Switch rmt to alternatives system
  - Separate rmt subpackage - it can be used by different archiving
    tools as a dedicated program
  - Change rmt path to /usr/bin folder - it can be used by non privileged
    users for backup purposes. Security is controlled by access rights to
    the targets and remote shell.
  - Separate doc subpackage
  - Remove conditions for old SUSE builds and lang subpackage
  - Rename restore script to restore.sh for avoiding file conflicts
    with dump/restore
* Thu Mar 23 2017 kstreitova@suse.com
  - move binaries from /bin to /usr/bin [bsc#1029977]
    * refresh tar-backup-spec-fix-paths.patch to change path of the
      tar binary from TAR=/bin/tar to TAR=/usr/bin/tar
  - use spec-cleaner
* Thu Dec 15 2016 vcizek@suse.com
  - update tar-1.29-extract_pathname_bypass.patch to the upstream
    one that fixes POINTYFEATHER issue but it doesn't limit append or
    create operations as the initial patch did [bsc#1012633]
    [CVE-2016-6321]
* Tue Nov 08 2016 kstreitova@suse.com
  - add tar-1.29-extract_pathname_bypass.patch to fix POINTYFEATHER
    vulnerability - GNU tar archiver can be tricked into extracting
    files and directories in the given destination, regardless of the
    path name(s) specified on the command line [bsc#1007188]
    [CVE-2016-6321]
* Sat May 28 2016 astieger@suse.com
  - GNU tar 1.29:
    * New options: --verbatim-files-from, --no-verbatim-files-from
    * --null option reads file names verbatim
    * New options: --owner-map=FILE and --group-map=FILE
    * New option --clamp-mtime
    * Deprecated --preserve option removed
    * Sparse file detection - now uses SEEK_DATA/SEEK_HOLE on
      systems that support it. This allows for considerable speed-up
      in sparse-file detection. New option --hole-detection for
      algorithm selection.
* Wed Mar 23 2016 svalx@svalx.net
  - Add add-return-values-to-backup-scripts.patch
* Mon Apr 13 2015 vcizek@suse.com
  - Revert tar-recursive--files-from.patch because it causes regression
    (bnc#918487, bnc#919233)
* Mon Feb 09 2015 vcizek@suse.com
  - extract files recursively with --files-from (bnc#913058)
    * added tar-recursive--files-from.patch
  - call autoreconf in %prep
* Sun Dec 21 2014 meissner@suse.com
  - build with PIE
* Thu Nov 20 2014 andreas.stieger@gmx.de
  - compile in ACLs, Xattr and selinux support [boo#906413]

Files

/etc/alternatives/rmt
/etc/alternatives/rmt.1.gz
/usr/bin/gnurmt
/usr/bin/rmt
/usr/share/man/man1/gnurmt.1.gz
/usr/share/man/man1/rmt.1.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Mar 9 12:07:01 2024