Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

tar-backup-scripts-1.30-lp152.4.3.1 RPM for noarch

From OpenSuSE Leap 15.2 updates for noarch

Name: tar-backup-scripts Distribution: openSUSE Leap 15.2
Version: 1.30 Vendor: openSUSE
Release: lp152.4.3.1 Build date: Mon Mar 29 20:18:46 2021
Group: Productivity/Archiving/Backup Build host: lamb16
Size: 29422 Source RPM: tar-1.30-lp152.4.3.1.src.rpm
Summary: Backup scripts
Shell scripts for system backup/restore






* Mon Mar 15 2021
  - security update
  - added patches
    fix CVE-2021-20193 [bsc#1181131], Memory leak in read_header() in list.c
    + tar-CVE-2021-20193.patch
* Mon Mar 25 2019 Kristýna Streitová <>
  - add tar-1.30-CVE-2018-20482.patch to fix a security issue where
    tar when "--sparse" option is used, mishandles file shrinkage
    during read access, which allows local users to cause a denial
    of service (infinite read loop in sparse_dump_region in sparse.c)
    by modifying a file that is supposed to be archived by a different
    user's process [bsc#1120610] [CVE-2018-20482]
  - add tar-1.30-CVE-2019-9923.patch to fix a security issue where
    pax_decode_header in sparse.c in tar had a NULL pointer
    dereference when parsing certain archives that have malformed
    extended headers [bsc#1130496] [CVE-2019-9923]
* Fri May 11 2018
  - add tar-1.30-tests_dirrem_race.patch to fix race in dirrem01 and
    dirrem02 tests that were passing/failing randomly because of that
  - run spec-cleaner
  - renumber patches
* Tue Apr 03 2018
  - Use %license instead of %doc [bsc#1082318]
* Thu Jan 04 2018
  - add tar-1.30-tests-difflink.patch to fix test
* Mon Dec 18 2017
  - GNU tar 1.30:
    * Member names containing '..' components are now skipped when
    * Report erroneous use of position-sensitive options.
    * --numeric-owner now affects private headers too.
    * Fixed the --delay-directory-restore option
    * The --warnings=failed-read option
    * The --warnings=none option now suppresses all warnings
    * Fix reporting of hardlink mismatches during compare
  - cleanup with spec-cleaner
  - switch all urls to https
  - drop upstreamed patches
    * add-return-values-to-backup-scripts.patch
    * tar-1.29-extract_pathname_bypass.patch
  - rebase add_readme-tests.patch
* Thu Apr 20 2017
  - remove tar-1.26-remove_O_NONBLOCK.patch as this issue was fixed
    in tar 1.27 (commit 03858cf583ce299b836d8a848967ce290a6bf303)
* Mon Apr 03 2017
  - Use update-alternatives according to current documentation
* Mon Mar 27 2017
  - Disable tar-1.26-remove_O_NONBLOCK.patch - this issue has been
    fixed in tar-1.27
  - backup-scripts subpackage change to noarch
  - Change rpm group of tar-tests to Development/Tools/Other
  - Enable rmt building, change package description
  - Switch rmt to alternatives system
  - Separate rmt subpackage - it can be used by different archiving
    tools as a dedicated program
  - Change rmt path to /usr/bin folder - it can be used by non privileged
    users for backup purposes. Security is controlled by access rights to
    the targets and remote shell.
  - Separate doc subpackage
  - Remove conditions for old SUSE builds and lang subpackage
  - Rename restore script to for avoiding file conflicts
    with dump/restore
* Thu Mar 23 2017
  - move binaries from /bin to /usr/bin [bsc#1029977]
    * refresh tar-backup-spec-fix-paths.patch to change path of the
      tar binary from TAR=/bin/tar to TAR=/usr/bin/tar
  - use spec-cleaner
* Thu Dec 15 2016
  - update tar-1.29-extract_pathname_bypass.patch to the upstream
    one that fixes POINTYFEATHER issue but it doesn't limit append or
    create operations as the initial patch did [bsc#1012633]
* Tue Nov 08 2016
  - add tar-1.29-extract_pathname_bypass.patch to fix POINTYFEATHER
    vulnerability - GNU tar archiver can be tricked into extracting
    files and directories in the given destination, regardless of the
    path name(s) specified on the command line [bsc#1007188]
* Sat May 28 2016
  - GNU tar 1.29:
    * New options: --verbatim-files-from, --no-verbatim-files-from
    * --null option reads file names verbatim
    * New options: --owner-map=FILE and --group-map=FILE
    * New option --clamp-mtime
    * Deprecated --preserve option removed
    * Sparse file detection - now uses SEEK_DATA/SEEK_HOLE on
      systems that support it. This allows for considerable speed-up
      in sparse-file detection. New option --hole-detection for
      algorithm selection.
* Wed Mar 23 2016
  - Add add-return-values-to-backup-scripts.patch
* Mon Apr 13 2015
  - Revert tar-recursive--files-from.patch because it causes regression
    (bnc#918487, bnc#919233)
* Mon Feb 09 2015
  - extract files recursively with --files-from (bnc#913058)
    * added tar-recursive--files-from.patch
  - call autoreconf in %prep
* Sun Dec 21 2014
  - build with PIE
* Thu Nov 20 2014
  - compile in ACLs, Xattr and selinux support [boo#906413]



Generated by rpm2html 1.8.1

Fabrice Bellet, Mon Dec 6 23:14:52 2021