projects / debian / tar / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Import Debian changes 1.29b-1.1
[debian/tar] / debian / changelog
diff --git a/debian/changelog b/debian/changelog
index fd3c1cf6005d14ace8353a94d18435c90da639d8..c885a97e545be6d2442d96342547a6ded0b6a979 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+tar (1.29b-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * CVE-2016-6321: Bypassing the extract path name.
+    When extracting, member names containing '..' components are skipped.
+    (Closes: #842339)
+
+ -- Salvatore Bonaccorso <carnil@debian.org>  Sun, 30 Oct 2016 07:35:31 +0100
+
 tar (1.29b-1) unstable; urgency=medium
 
   * re-constitute the 1.29 orig.tar with man pages as version 1.29b
Debian packaging of tar