Hello community, here is the log from the commit of package ghc-tar for openSUSE:Factory checked in at 2016-05-17 17:14:48 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ghc-tar (Old) and /work/SRC/openSUSE:Factory/.ghc-tar.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ghc-tar" Changes: -------- --- /work/SRC/openSUSE:Factory/ghc-tar/ghc-tar.changes 2016-05-03 10:16:44.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.ghc-tar.new/ghc-tar.changes 2016-05-17 17:14:50.000000000 +0200 @@ -1,0 +2,6 @@ +Wed May 4 07:33:10 UTC 2016 - mimi...@gmail.com + +- update to 0.5.0.3 +* Fix tarbomb logic to ignore special PAX entries. Was breaking many valid tarballs. + +------------------------------------------------------------------- Old: ---- tar-0.5.0.2.tar.gz New: ---- tar-0.5.0.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ghc-tar.spec ++++++ --- /var/tmp/diff_new_pack.lDhEmW/_old 2016-05-17 17:14:51.000000000 +0200 +++ /var/tmp/diff_new_pack.lDhEmW/_new 2016-05-17 17:14:51.000000000 +0200 @@ -20,7 +20,7 @@ %bcond_with tests Name: ghc-tar -Version: 0.5.0.2 +Version: 0.5.0.3 Release: 0 Summary: Reading, writing and manipulating ".tar" archive files Group: System/Libraries ++++++ tar-0.5.0.2.tar.gz -> tar-0.5.0.3.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tar-0.5.0.2/Codec/Archive/Tar/Check.hs new/tar-0.5.0.3/Codec/Archive/Tar/Check.hs --- old/tar-0.5.0.2/Codec/Archive/Tar/Check.hs 2016-05-01 02:10:33.000000000 +0200 +++ new/tar-0.5.0.3/Codec/Archive/Tar/Check.hs 2016-05-03 14:23:27.000000000 +0200 @@ -120,6 +120,15 @@ checkTarbomb expectedTopDir = checkEntries (checkEntryTarbomb expectedTopDir) checkEntryTarbomb :: FilePath -> Entry -> Maybe TarBombError +checkEntryTarbomb _ entry | nonFilesystemEntry = Nothing + where + -- Ignore some special entries we will not unpack anyway + nonFilesystemEntry = + case entryContent entry of + OtherEntryType 'g' _ _ -> True --PAX global header + OtherEntryType 'x' _ _ -> True --PAX individual header + _ -> False + checkEntryTarbomb expectedTopDir entry = case FilePath.Native.splitDirectories (entryPath entry) of (topDir:_) | topDir == expectedTopDir -> Nothing diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tar-0.5.0.2/changelog.md new/tar-0.5.0.3/changelog.md --- old/tar-0.5.0.2/changelog.md 2016-05-01 02:10:33.000000000 +0200 +++ new/tar-0.5.0.3/changelog.md 2016-05-03 14:23:27.000000000 +0200 @@ -1,3 +1,8 @@ +0.5.0.3 Duncan Coutts <dun...@community.haskell.org> May 2016 + + * Fix tarbomb logic to ignore special PAX entries. Was breaking many + valid tarballs. https://github.com/haskell/cabal/issues/3390 + 0.5.0.2 Duncan Coutts <dun...@community.haskell.org> April 2016 * Fix compatability when using ghc-7.4.x and directory >= 1.2.3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tar-0.5.0.2/tar.cabal new/tar-0.5.0.3/tar.cabal --- old/tar-0.5.0.2/tar.cabal 2016-05-01 02:10:33.000000000 +0200 +++ new/tar-0.5.0.3/tar.cabal 2016-05-03 14:23:27.000000000 +0200 @@ -1,5 +1,5 @@ name: tar -version: 0.5.0.2 +version: 0.5.0.3 license: BSD3 license-file: LICENSE author: Duncan Coutts <dun...@community.haskell.org>