X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=debian%2Fchangelog;h=c885a97e545be6d2442d96342547a6ded0b6a979;hb=1ff2f5cb0aa2b2098f6b22b8df395c6e0d12e23e;hp=dce92ad9ed5f055158ac584f0a85c5770206ba0f;hpb=9843760ee8d4f4285a7c635bf78a30cdb3ddf3d6;p=debian%2Ftar

diff --git a/debian/changelog b/debian/changelog
index dce92ad9..c885a97e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,15 @@
-tar (1.29-2) unstable; urgency=medium
+tar (1.29b-1.1) unstable; urgency=medium
 
+  * Non-maintainer upload.
+  * CVE-2016-6321: Bypassing the extract path name.
+    When extracting, member names containing '..' components are skipped.
+    (Closes: #842339)
+
+ -- Salvatore Bonaccorso <carnil@debian.org>  Sun, 30 Oct 2016 07:35:31 +0100
+
+tar (1.29b-1) unstable; urgency=medium
+
+  * re-constitute the 1.29 orig.tar with man pages as version 1.29b
   * re-enable parallel builds and increase build verbosity, closes: #824631
   * switch to man pages provided by upstream since 1.28, closes: #827017, 
     #391714, #473228, #524819, #711725, #720877, #766016, #779795.