tardiff 0.1-2+deb8u2build0.14.04.1 source package in Ubuntu
Changelog
tardiff (0.1-2+deb8u2build0.14.04.1) trusty-security; urgency=medium * fake sync from Debian tardiff (0.1-2+deb8u2) jessie-security; urgency=high * Non-maintainer upload by the Security Team. * Add fix for shell command injection via tar filename itself. This fix is as well part of the CVE-2015-0857 assignment but was previously missed. tardiff (0.1-2+deb8u1) jessie-security; urgency=high * Add patch to fix miscalculated statistics. (Closes: #802098) * Add patches to fix two security issues: + CVE-2015-0857: shell command injection through file names + CVE-2015-0858: /tmp race condition in handling temporary directory Issues found and reported by Rainer Müller and Florian Weimer. Additional necessary changes: + Add new run-time dependency on libtext-diff-perl. -- Marc Deslauriers <email address hidden> Tue, 24 May 2016 09:23:53 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Trusty
- Original maintainer:
- Axel Beckert
- Architectures:
- all
- Section:
- utils
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Trusty | updates | universe | utils | |
Trusty | security | universe | utils |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
tardiff_0.1.orig.tar.bz2 | 1.9 KiB | 58f86a33b268bb7a30c1fa0e5b4d9a44434e1e5c5b7b7ba70d1a8e43f77ad765 |
tardiff_0.1-2+deb8u2build0.14.04.1.debian.tar.gz | 5.0 KiB | 1960b593f6112657889cf96745518ab4d4ea49c15a8ce916ac678d26a47c9857 |
tardiff_0.1-2+deb8u2build0.14.04.1.dsc | 1.8 KiB | afdd91fc6417f0ac08ee4b644ae186587f78ea3ced025f1c05cf84475e21c000 |
Available diffs
Binary packages built by this source
- tardiff: Tarball comparison tool
TarDiff compares the contents of two tarballs and reports on any
differences found between them. Its use is mainly for release
managers who can use it as a QA tool to make sure no files have
accidently been left over or were added by mistake. TarDiff supports
compressed tarballs, diff statistics and suppression of GNU autotool
changes.