X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=NEWS;h=8370882e59e5fd3dbb29962fced190b55620ab5d;hb=0377937105e413b9c08207bd253f76fe5c1493b1;hp=881c9d61abe33394ef9f896501567f27dedd839f;hpb=e7921f54c622e3b32e525f345bc34308821e4ae0;p=debian%2Fgzip diff --git a/NEWS b/NEWS index 881c9d6..8370882 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,77 @@ +GNU gzip NEWS -*- outline -*- + +* Noteworthy changes in release 1.4 (2010-01-20) [stable] + +** Bug fixes + + gzip -d could segfault and/or clobber the stack, possibly leading to + arbitrary code execution. This affects x86_64 but not 32-bit systems. + This fixes CVE-2010-0001. + For more details, see http://bugzilla.redhat.com/554418 + + gzip -d would fail with a CRC error for some valid inputs. + So far, the only valid input known to exhibit this failure was + compressed "from FAT filesystem (MS-DOS, OS/2, NT)". In addition, + to trigger the failure, your memcpy implementation must copy in + the "reverse" order. + + +* Noteworthy changes in release 1.3.14 (2009-10-30) [beta] + +** Bug fixes + + gzip no longer fails when there is exactly one trailing NUL byte + gzip has always accepted trailing NUL bytes. Note the plural. + + zdiff would exit with status 2 (indicating an error) rather than 1 to + indicate differences when both inputs were compressed and different. + + zdiff would fail to print differences in two compressed inputs + + zgrep -f - didn't work + + +* Noteworthy changes in release 1.3.13 (2009-09-30) [stable] + +** Bug fixes + + gzip -d no longer fails with "-" as 2nd or subsequent argument + + gzip no longer ignores a close-induced write failure, e.g., on NFS + + gzip -d no longer segfaults on certain invalid inputs + + +Major changes in Gzip 1.3.12 (2007-04-13) + +* znew now uses $TMPDIR (default /tmp) instead of always using /tmp. + +* 'gzip -f foo.gz' now creates a file foo.gz.gz instead of complaining. + +* It is now documented that gzip ignores case when examining file name + extensions; for example, 'gzip test.Gz' (without -f) fails because + the file name ends in '.Gz'. + +Major changes in Gzip 1.3.11 (2007-02-05) + +* As per the GNU coding standards, the behavior of gzip and its + companion executables no longer depend on the name used to invoke them. + For example, 'gzip' and 'gunzip' are no longer hard links; + instead, 'gunzip' is now a small program that invokes 'gzip -d'. + +* zdiff now checks for subsidiary gzip failures, and works around + bugs in IRIX 6 sh, Tru64 4.0F ksh, and Solaris 8 bash. + +Major changes in Gzip 1.3.10 (2006-12-30) + +* gzip -c and zcat now work on special files, files with special mode bits, + and files with multiple hard links. +* gzip -q now exits with status 2 (not 1) when SIGPIPE is received. +* zcmp and zdiff did not work in the usual case, due to a typo. +* zgrep has many bugs fixed with argument handling, special characters, + and exit status. +* zless no longer mishandles $%=~ in file names. + Gzip 1.3.9 (2006-12-15) * No major changes; only porting fixes. @@ -309,11 +383,12 @@ Major changes form 0.5 to 0.6: ======================================================================== -Copyright (C) 1999, 2001, 2002, 2006 Free Software Foundation, Inc. +Copyright (C) 1999, 2001-2002, 2006-2007, 2009-2010 Free Software Foundation, +Inc. Copyright (C) 1992, 1993 Jean-loup Gailly Permission is granted to copy, distribute and/or modify this document -under the terms of the GNU Free Documentation License, Version 1.2 or +under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts. A copy of the license is included in the ``GNU Free