-tar (1.29b-3) UNRELEASED; urgency=medium
+tar (1.29b-2) unstable; urgency=medium
+ * add suggests tar-doc, closes: #856958
* dump test results into build log on make check failure for kfreebsd team
-- Bdale Garbee <bdale@gag.com> Thu, 08 Jun 2017 12:20:20 -0600
-tar (1.29b-2) unstable; urgency=medium
+tar (1.29b-1.1) unstable; urgency=medium
- * add suggests tar-doc, closes: #856958
+ * Non-maintainer upload.
+ * CVE-2016-6321: Bypassing the extract path name.
+ When extracting, member names containing '..' components are skipped.
+ (Closes: #842339)
- -- Bdale Garbee <bdale@gag.com> Tue, 07 Mar 2017 08:49:50 -0700
+ -- Salvatore Bonaccorso <carnil@debian.org> Sun, 30 Oct 2016 07:35:31 +0100
tar (1.29b-1) unstable; urgency=medium
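Review bot: the direction of this changelog hunk looks inverted, which makes it rewrite released history. The `-` side holds the later stanzas (`tar (1.29b-3) UNRELEASED`, signed Thu, 08 Jun 2017) and the `+` side the earlier NMU (`tar (1.29b-1.1) unstable`, signed Sun, 30 Oct 2016), so applied as written it turns the already-uploaded 1.29b-2 entry (Tue, 07 Mar 2017) into one dated 08 Jun 2017 that also absorbs the 1.29b-3 "dump test results" item. If the goal is to bring the NMU into the maintainer tree, generate the diff the other way round: keep `tar (1.29b-2) unstable` exactly as released, insert the `1.29b-1.1` stanza with its CVE-2016-6321 item unchanged between 1.29b-2 and 1.29b-1, and let the -3 entry acknowledge the NMU. As pasted the hunk also lacks its `---`/`+++` file header and `@@` line, so patch(1) will not apply it.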
--- /dev/null
+Description: When extracting, skip ".." members (CVE-2016-6321)
+Origin: upstream, http://git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea0531c1450e5aa261c50f67165d
+Bug-Debian: https://bugs.debian.org/842339
+Forwarded: not-needed.
+Author: Paul Eggert <eggert@Penguin.CS.UCLA.EDU>
+Last-Update: 2016-10-30
+---
+ src/extract.c | 8 ++++++++
+ 2 files changed, 15 insertions(+), 1 deletion(-)
+
+--- a/src/extract.c
++++ b/src/extract.c
+@@ -1629,12 +1629,20 @@ extract_archive (void)
+ {
+ char typeflag;
+ tar_extractor_t fun;
++ bool skip_dotdot_name;
+
+ fatal_exit_hook = extract_finish;
+
+ set_next_block_after (current_header);
+
++ skip_dotdot_name = (!absolute_names_option
++ && contains_dot_dot (current_stat_info.orig_file_name));
++ if (skip_dotdot_name)
++ ERROR ((0, 0, _("%s: Member name contains '..'"),
++ quotearg_colon (current_stat_info.orig_file_name)));
++
+ if (!current_stat_info.file_name[0]
++ || skip_dotdot_name
+ || (interactive_option
+ && !confirm ("extract", current_stat_info.file_name)))
+ {
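Review bot: the DEP-3 header has a malformed field and the diffstat does not match the body. `Forwarded: not-needed.` carries a trailing period; the value is `not-needed`, which is the right one for a straight backport of upstream commit 7340f67b once the dot is dropped. The summary line `2 files changed, 15 insertions(+), 1 deletion(-)` describes the upstream commit, but the file list and the body only carry `src/extract.c | 8 ++++++++` (the `@@ -1629,12 +1629,20 @@` header agrees: eight added lines, none removed); either regenerate the stat for the backported file or drop the diffstat block. On the code, `skip_dotdot_name` is deliberately gated on `!absolute_names_option`, so `tar -P` still extracts members whose names contain `..`; that matches upstream's intent, but it deserves a line in `Description:` so the CVE bookkeeping records that `-P` remains opt-in unsafe. The hunk is cut off right after the opening brace of the skip branch, so the rest of the skip path cannot be checked from what is shown.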