Sébastien Luttringer pushed to branch main at Arch Linux / Packaging / Packages / tar
Commits: 74df9879 by Sébastien Luttringer at 2023-09-30T14:02:17+02:00 Remove dangling patch - - - - - 23d47df2 by Sébastien Luttringer at 2023-09-30T14:17:44+02:00 upgpkg: 1.35-2 - Enable backup scripts (FS#79491) - - - - - 3 changed files: - + .SRCINFO - − 01-fix-cve-2022-48303.patch - PKGBUILD Changes: ===================================== .SRCINFO ===================================== @@ -0,0 +1,18 @@ +pkgbase = tar + pkgdesc = Utility used to store, backup, and transport files + pkgver = 1.35 + pkgrel = 2 + url = https://www.gnu.org/software/tar/ + arch = x86_64 + license = GPL3 + checkdepends = attr + depends = glibc + depends = acl + options = !emptydirs + source = https://ftp.gnu.org/gnu/tar/tar-1.35.tar.xz + source = https://ftp.gnu.org/gnu/tar/tar-1.35.tar.xz.sig + validpgpkeys = 325F650C4C2B6AD58807327A3602B07F55D0C732 + sha256sums = 4d62ff37342ec7aed748535323930c7cf94acf71c3591882b26a7ea50f3edc16 + sha256sums = SKIP + +pkgname = tar ===================================== 01-fix-cve-2022-48303.patch deleted ===================================== @@ -1,31 +0,0 @@ -From 1d530107a24d71e798727d7f0afa0833473d1074 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Matej=20Mu=C5=BEila?= <mmuz...@gmail.com> -Date: Wed, 11 Jan 2023 08:55:58 +0100 -Subject: [PATCH] Fix savannah bug #62387 - -* src/list.c (from_header): Check for the end of field after leading byte - (0x80 or 0xff) of base-256 encoded header value ---- - src/list.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/src/list.c b/src/list.c -index 9fafc425..bf41b581 100644 ---- a/src/list.c -+++ b/src/list.c -@@ -895,6 +895,12 @@ from_header (char const *where0, size_t digs, char const *type, - << (CHAR_BIT * sizeof (uintmax_t) - - LG_256 - (LG_256 - 2))); - value = (*where++ & ((1 << (LG_256 - 2)) - 1)) - signbit; -+ if (where == lim) -+ { -+ if (type && !silent) -+ ERROR ((0, 0, _("Archive base-256 value is invalid"))); -+ return -1; -+ } - for (;;) - { - value = (value << LG_256) + (unsigned char) *where++; --- -2.38.1 - ===================================== PKGBUILD ===================================== @@ -4,7 +4,7 @@ pkgname=tar pkgver=1.35 -pkgrel=1 +pkgrel=2 pkgdesc='Utility used to store, backup, and transport files' arch=('x86_64') url='https://www.gnu.org/software/tar/' @@ -33,7 +33,11 @@ prepare() { build() { cd $pkgname-$pkgver - ./configure --prefix=/usr --libexecdir=/usr/lib/tar + ./configure \ + --prefix=/usr \ + --sbindir=/usr/bin \ + --libexecdir=/usr/lib/tar \ + --enable-backup-scripts make } View it on GitLab: https://gitlab.archlinux.org/archlinux/packaging/packages/tar/-/compare/e6740e621c9860fe56875ee0c8698f1fa9c1a341...23d47df2369e70dba362ac0e70036baef2475bdb -- View it on GitLab: https://gitlab.archlinux.org/archlinux/packaging/packages/tar/-/compare/e6740e621c9860fe56875ee0c8698f1fa9c1a341...23d47df2369e70dba362ac0e70036baef2475bdb You're receiving this email because of your account on gitlab.archlinux.org.