X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=debian%2Fchangelog;h=c885a97e545be6d2442d96342547a6ded0b6a979;hb=1ff2f5cb0aa2b2098f6b22b8df395c6e0d12e23e;hp=fd3c1cf6005d14ace8353a94d18435c90da639d8;hpb=3aafbd66a0fa7396af0e2ed3f422c4de268ed4fe;p=debian%2Ftar

diff --git a/debian/changelog b/debian/changelog
index fd3c1cf6..c885a97e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+tar (1.29b-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * CVE-2016-6321: Bypassing the extract path name.
+    When extracting, member names containing '..' components are skipped.
+    (Closes: #842339)
+
+ -- Salvatore Bonaccorso <carnil@debian.org>  Sun, 30 Oct 2016 07:35:31 +0100
+
 tar (1.29b-1) unstable; urgency=medium
 
   * re-constitute the 1.29 orig.tar with man pages as version 1.29b