Accepted cpio 2.14+dfsg-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted cpio 2.14+dfsg-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Fri, 22 Dec 2023 06:19:25 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: cpio_2.14+dfsg-1_source.changes
- Debian-source: cpio
- Debian-suite: unstable
- Debian-version: 2.14+dfsg-1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=/gekYk/5BJ/S3yRMU0W4t4cNkTvyQYM7YUs0NZO06Vc=; b=ZiAaroX7x7SKSo2Zcjf8+6i5Cs eF3kALVb4JYCWTm1+29Y0OBfRTuJheQJdeGfn3i0XIHaQlvDvRyG0j3hN0BpR13L0yTteC0Rwslau 2nXigySoGmfEVnyTgftI9cV+mDtWd+hDse0mXWCF5vVlad6hWnCcYkuvX9kvsM3tNhxo63uT7CRCS ko4O56OwRACkB5eugHdwIdjDlX6gwIFL1lOR6dgLcUtTxvl1RRJQ16/FxDSrNWVClW/IT8Lkp4eRR 4Bf4jf0jNmOhFiKo3DC6z1JzWUPbIZIbBnv6mYemPn5U/zFG0wTMdQ74lH5aed1FGk1BVhYnohP1J l0Czc0iw==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1rGYsX-00CNr0-0k@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 22 Dec 2023 16:38:54 +1100
Source: cpio
Architecture: source
Version: 2.14+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Anibal Monsalve Salazar <anibal@debian.org>
Changed-By: Anibal Monsalve Salazar <anibal@debian.org>
Closes: 925021 1049402 1059163 1059238
Changes:
cpio (2.14+dfsg-1) unstable; urgency=medium
.
* New upstream release
Closes: #1049402
Noteworthy changes in this release:
- New option --ignore-dirnlink
Valid in copy-out mode, it instructs cpio to ignore the actual number
of links reported for each directory member and always store 2
instead.
- Changes in --reproducible option
The --reproducible option implies --ignore-dirlink. In other words,
it is equivalent to --ignore-devno --ignore-dirnlink --renumber-inodes.
- Use GNU ls algorithm for deciding timestamp format in -tv mode
- Bugfixes
- Fix cpio header verification.
- Fix handling of device numbers on copy out.
- Fix calculation of CRC in copy-out mode.
- Rewrite the fix for CVE-2015-1197.
- Fix combination of --create --append --directory.
- Fix appending to archives bigger than 2G.
* Update uploaders list
Closes: #925021
* Standards-Version: 4.6.2
* Fix Path traversal vulnerability due to partial revert of fix for CVE-2015-1197
Closes: #1059163
* cpio-win32 is no longer needed
Closes: #1059238
Checksums-Sha1:
eb78be01c0a20b510407d20c8b6271aafa6359b8 1906 cpio_2.14+dfsg-1.dsc
c07f9046d70b4d83f873138bb7561e7b218ce6b9 1515680 cpio_2.14+dfsg.orig.tar.bz2
9336fac43abbb385ffc8637c67120a90e508ec0d 15096 cpio_2.14+dfsg-1.debian.tar.xz
0b09f929fb782060d6594b90aa49d8d7326bebd5 5582 cpio_2.14+dfsg-1_amd64.buildinfo
Checksums-Sha256:
1317473ea3b00cebce77af6ed954f98088087a460aa7a804c87c5def78b990a3 1906 cpio_2.14+dfsg-1.dsc
a45e1c39445fe663e0184d4d72b9f3d5f7ca273e875ce1992fafe49babff592c 1515680 cpio_2.14+dfsg.orig.tar.bz2
345cacb20aa4407f5db41ce9ea47c53a0304db8cec7031536f033bc1c44ac957 15096 cpio_2.14+dfsg-1.debian.tar.xz
d3468c3b3527726a39db610cd94eecd15c718cd96e9c9f46251ea9cdce4f6273 5582 cpio_2.14+dfsg-1_amd64.buildinfo
Files:
24196598763567c4564a0444d0f4863e 1906 utils important cpio_2.14+dfsg-1.dsc
a13f5918ce2580c1da5ea98dd8b34722 1515680 utils important cpio_2.14+dfsg.orig.tar.bz2
33392e3b8e3a8d5acf3ef044ef2ace1c 15096 utils important cpio_2.14+dfsg-1.debian.tar.xz
75094246fbcf85ac90766840c2d36711 5582 utils important cpio_2.14+dfsg-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEExgRcgTiHt3wt/5elfFas/pR4l9gFAmWFIcUACgkQfFas/pR4
l9hmTQ//SNNwjdHybVL6YDzuOy4I0mfLiWzu22NJyl6LrkpX5fhvL6RKKAN8gkSE
OuT/WE3HnXF4Yi/zyYxdzCHAJMrRNzIq9gGU77trgMGiFRrL/oLvAZt02a4TfwkE
ZvnWjpgws/jw3hQRik0SMK0u60G+IVDWjSu3EeJWaQudw6ssdOKpc+OBFTQpXwYI
2W6NhXTEMpKIPChUXLevHlPJOf9XvA8CA/NxRyGpAUt9d0miubE4qjLGVo617Jv7
CXoy/vACeK47nd4POYaSXqqo2M96btqc8AKPMkdk9/ZlHR9PEor0GWVCatXyXckK
7oWBoUdCuwsMu3mRukDd+sPNyIdtvakLzdRLn5VzeWviqVSRmn1PZDYWA74S37Ur
QQe8G8V3kdr33vkTrQV3feFcYnH1v0zupMb9lqCCuiVdXmgK0AbBUwdtrgvYH9M4
0EGm13k1pvLH2EU7cHVV1kArGgTqXKcQ1ewyoCYLo4+8THTUPaa7VeQQtuzLycCC
U1UPs+YRLt+3TdltOpXdq0kO8xYPCKriy8cArpvpVzwc62DVR8cF6kPro0b8OJzA
4sEoyKsNSafRoRn6McNfmydQEs0wPIeCe4t7TKTX55NKSyEy/10jKJtDXjCstKNg
NSpQkefjoaPMKsnxUzu/t2OI9CTcNEz/0DFoRqQOXt1Rbl3yYrc=
=yVvG
-----END PGP SIGNATURE-----