tardiff 0.1-2+deb8u2build0.14.04.1 source package in Ubuntu

Changelog

tardiff (0.1-2+deb8u2build0.14.04.1) trusty-security; urgency=medium

  * fake sync from Debian

tardiff (0.1-2+deb8u2) jessie-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Add fix for shell command injection via tar filename itself.
    This fix is as well part of the CVE-2015-0857 assignment but was
    previously missed.

tardiff (0.1-2+deb8u1) jessie-security; urgency=high

  * Add patch to fix miscalculated statistics. (Closes: #802098)
  * Add patches to fix two security issues:
    + CVE-2015-0857: shell command injection through file names
    + CVE-2015-0858: /tmp race condition in handling temporary directory
    Issues found and reported by Rainer Müller and Florian Weimer.
    Additional necessary changes:
    + Add new run-time dependency on libtext-diff-perl.

 -- Marc Deslauriers <email address hidden>  Tue, 24 May 2016 09:23:53 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Trusty
Original maintainer:
Axel Beckert
Architectures:
all
Section:
utils
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section
Trusty updates universe utils
Trusty security universe utils

Builds

Trusty: [FULLYBUILT] i386

Downloads

File Size SHA-256 Checksum
tardiff_0.1.orig.tar.bz2 1.9 KiB 58f86a33b268bb7a30c1fa0e5b4d9a44434e1e5c5b7b7ba70d1a8e43f77ad765
tardiff_0.1-2+deb8u2build0.14.04.1.debian.tar.gz 5.0 KiB 1960b593f6112657889cf96745518ab4d4ea49c15a8ce916ac678d26a47c9857
tardiff_0.1-2+deb8u2build0.14.04.1.dsc 1.8 KiB afdd91fc6417f0ac08ee4b644ae186587f78ea3ced025f1c05cf84475e21c000

View changes file

Binary packages built by this source

tardiff: Tarball comparison tool

 TarDiff compares the contents of two tarballs and reports on any
 differences found between them. Its use is mainly for release
 managers who can use it as a QA tool to make sure no files have
 accidently been left over or were added by mistake. TarDiff supports
 compressed tarballs, diff statistics and suppression of GNU autotool
 changes.