Back to tar PTS page

Accepted tar 1.27.1-2+deb8u1 (source) into proposed-updates->stable-new, proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 30 Oct 2016 07:48:55 +0100
Source: tar
Binary: tar tar-scripts
Architecture: source
Version: 1.27.1-2+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Bdale Garbee <bdale@gag.com>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 842339
Description: 
 tar        - GNU version of the tar archiving utility
 tar-scripts - optional scripts for GNU version of the tar archiving utility
Changes:
 tar (1.27.1-2+deb8u1) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2016-6321: Bypassing the extract path name.
     When extracting, member names containing '..' components are skipped.
     (Closes: #842339)
Checksums-Sha1: 
 7c0ccb9634e780a798889e835142730e094cb18a 2049 tar_1.27.1-2+deb8u1.dsc
 ff027757abf420beb2f09fa59b37debbd45b15dd 1704252 tar_1.27.1.orig.tar.xz
 39a2f53db5bc8d2b0d90aab3f9502a5abb4ae573 32632 tar_1.27.1-2+deb8u1.debian.tar.xz
Checksums-Sha256: 
 e42e96a9cdf325d7f030306735a1380276670deb72541a7f97ffe59a1e32e67b 2049 tar_1.27.1-2+deb8u1.dsc
 58169c5a03c04be20d3fb91010b01e822c6a58060a96e7cf2f9c1944de0151ab 1704252 tar_1.27.1.orig.tar.xz
 dc2e495770f6c1c79a4e299d4008c8cb1f91a48e823751bc95d7f26ae498f995 32632 tar_1.27.1-2+deb8u1.debian.tar.xz
Files: 
 d28624d0fbf4b3b28b0e56a34f28132c 2049 utils required tar_1.27.1-2+deb8u1.dsc
 992c029086ad2ab7c27d5c32db7d4400 1704252 utils required tar_1.27.1.orig.tar.xz
 fc2673e35962a76a9624d05b96fb0b46 32632 utils required tar_1.27.1-2+deb8u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKPBAEBCgB5BQJYFZmXXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ0NjQ0NDA5ODA4QzE3MUUwNTUzMURERUUw
NTRDQjhGMzEzNDNDRjQ0EhxjYXJuaWxAZGViaWFuLm9yZwAKCRAFTLjzE0PPRNns
D/wIe9Ix9+BADZLYWUydM6edaN+hBlFL4bmW5SFKebmvkSwFnnOwv/zLHXde4NEd
2op7Ok8bCWIYI/Md67bWKstJjmGyMIg8Ez8csYNZjjsYnqkAFl2O9KMPFfFwIQjr
Xr092VZqyqlYpQaUi9Wvk5Pf9KyxJNA2yDiWXqM0Ry7V8JcK3ExetxcI35iSuWDQ
7G9c/Wmdr9Bsj+xeV43pPY1PjCuMOfAKDcsX95ZiZ2e8QgwDg2f0i0tIHpmYkdy1
gFMES81iZF1615I6lMbJNh/IXVRUjSmfMSfm/Sj94rfm3aSlgOvaBzXjkelAUzD+
IUfoHSWbq0jQd8HxhdtjRAgiHsgTaSHpmZwMrXVurD+1DWBKWMHgdmBXG4UfszYV
DI9TnfbJRwgnFHCpHDeETv51nOpnpu45g4tfBYX33PRFwZzJSA83/SPK9JpYWuF2
VwaVwVtNyAWQWLee0fPY1TC4Z7mjOU821aIbGBto5TpzlJLTbmtXhqtKnNNSMA31
MonpCspKJTza7njfl6NcTwDI6IoROHKHPrMoAuk+bXc5UujmbUS+1tO+1s3x+Awf
TjVOMBbtZ2RNdREKlzot1Td8zIXQZ+/aWD3nqNOgvjRbKUnr3oFI6XOBoT7oD20I
quL56ZpDEr3+PGryjOEfBaBEitDiN3Z+Z1g/7NR4+24Dlw==
=TiVx
-----END PGP SIGNATURE-----