From f96982badeebf4cafe95716420bca82a7a21823b8fd2ea62da74805a8e72a099 Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Wed, 20 Feb 2019 13:12:44 +0000 Subject: [PATCH] Accepting request 676145 from home:kstreitova:branches:Base:System - update to version 1.31 * Fix heap-buffer-overrun with --one-top-level, bug introduced with the addition of that option in 1.28 * Support for zstd compression * New option '--zstd' instructs tar to use zstd as compression program. When listing, extractng and comparing, zstd compressed archives are recognized automatically. When '-a' option is in effect, zstd compression is selected if the destination archive name ends in '.zst' or '.tzst'. * The -K option interacts properly with member names given in the command line. Names of members to extract can be specified along with the "-K NAME" option. In this case, tar will extract NAME and those of named members that appear in the archive after it, which is consistent with the semantics of the option. Previous versions of tar extracted NAME, those of named members that appeared before it, and everything after it. * Fix CVE-2018-20482 - When creating archives with the --sparse option, previous versions of tar would loop endlessly if a sparse file had been truncated while being archived. - remove the following patches (upstreamed) * tar-1.30-tests-difflink.patch * tar-1.30-tests_dirrem_race.patch - refresh add_readme-tests.patch - add tar-1.31-tests_dirrem.patch to fix expected output in dirrem tests - add tar-1.31-racy_compress_tests.patch to fix compression tests OBS-URL: https://build.opensuse.org/request/show/676145 OBS-URL: https://build.opensuse.org/package/show/Base:System/tar?expand=0&rev=88 --- add_readme-tests.patch | 32 ++-- tar-1.30-tests-difflink.patch | 14 -- tar-1.30-tests_dirrem_race.patch | 90 ---------- tar-1.30.tar.bz2 | 3 - tar-1.30.tar.bz2.sig | 7 - tar-1.31-racy_compress_tests.patch | 271 +++++++++++++++++++++++++++++ tar-1.31-tests_dirrem.patch | 81 +++++++++ tar-1.31.tar.bz2 | 3 + tar-1.31.tar.bz2.sig | 7 + tar.changes | 30 ++++ tar.spec | 10 +- 11 files changed, 413 insertions(+), 135 deletions(-) delete mode 100644 tar-1.30-tests-difflink.patch delete mode 100644 tar-1.30-tests_dirrem_race.patch delete mode 100644 tar-1.30.tar.bz2 delete mode 100644 tar-1.30.tar.bz2.sig create mode 100644 tar-1.31-racy_compress_tests.patch create mode 100644 tar-1.31-tests_dirrem.patch create mode 100644 tar-1.31.tar.bz2 create mode 100644 tar-1.31.tar.bz2.sig diff --git a/add_readme-tests.patch b/add_readme-tests.patch index 84fe020..1d450cc 100644 --- a/add_readme-tests.patch +++ b/add_readme-tests.patch @@ -1,18 +1,20 @@ -diff -ruN a/Makefile.in b/Makefile.in ---- a/Makefile.in 2017-12-22 20:14:53.900579664 -0500 -+++ b/Makefile.in 2017-12-22 20:21:21.363943130 -0500 -@@ -122,7 +122,7 @@ - POST_UNINSTALL = : - build_triplet = @build@ - host_triplet = @host@ --DIST_COMMON = $(srcdir)/Make.rules INSTALL NEWS README AUTHORS \ -+DIST_COMMON = $(srcdir)/Make.rules INSTALL NEWS README README-tests AUTHORS \ - ChangeLog THANKS $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ - $(top_srcdir)/configure $(am__configure_deps) \ - $(srcdir)/config.h.in ABOUT-NLS COPYING TODO build-aux/ar-lib \ -diff -ruN a/README-tests b/README-tests ---- a/README-tests 1969-12-31 19:00:00.000000000 -0500 -+++ b/README-tests 2017-12-22 20:21:59.706691355 -0500 +Index: tar-1.31/Makefile.in +=================================================================== +--- tar-1.31.orig/Makefile.in ++++ tar-1.31/Makefile.in +@@ -341,7 +341,7 @@ am__DIST_COMMON = $(srcdir)/Make.rules $ + $(top_srcdir)/build-aux/config.sub \ + $(top_srcdir)/build-aux/install-sh \ + $(top_srcdir)/build-aux/missing ABOUT-NLS AUTHORS COPYING \ +- ChangeLog INSTALL NEWS README THANKS TODO build-aux/compile \ ++ ChangeLog INSTALL NEWS README README-tests THANKS TODO build-aux/compile \ + build-aux/config.guess build-aux/config.rpath \ + build-aux/config.sub build-aux/depcomp build-aux/install-sh \ + build-aux/mdate-sh build-aux/missing build-aux/texinfo.tex \ +Index: tar-1.31/README-tests +=================================================================== +--- /dev/null ++++ tar-1.31/README-tests @@ -0,0 +1,22 @@ +Subpackage tar-tests +==================== diff --git a/tar-1.30-tests-difflink.patch b/tar-1.30-tests-difflink.patch deleted file mode 100644 index 7e98a3a..0000000 --- a/tar-1.30-tests-difflink.patch +++ /dev/null @@ -1,14 +0,0 @@ -Per https://www.mail-archive.com/bug-tar@gnu.org/msg05440.html -diff --git a/tests/difflink.at b/tests/difflink.at -index eadfb08..4e01176 100644 ---- a/tests/difflink.at -+++ b/tests/difflink.at -@@ -21,7 +21,7 @@ mkdir a - genfile -f a/x - ln -s x a/y - ln a/y a/z --tar cf a.tar a -+tar cf a.tar a/x a/y a/z - rm a/z - ln -s x a/z - tar df a.tar diff --git a/tar-1.30-tests_dirrem_race.patch b/tar-1.30-tests_dirrem_race.patch deleted file mode 100644 index f013786..0000000 --- a/tar-1.30-tests_dirrem_race.patch +++ /dev/null @@ -1,90 +0,0 @@ -From 64b43fdf70d82c39eb2ca900cd4f8e49b86c2020 Mon Sep 17 00:00:00 2001 -From: Pavel Raiskup -Date: Thu, 4 Jan 2018 18:55:12 +0100 -Subject: tests: fix race in dirrem01 and dirrem02 - -Previously the '--checkpoint-action=echo' was triggered after -'--checkpoint-action=sleep=1' - so the order of events *usually* -was (for --format='gnu'): - - ... - 1. checkpoint handler before write of 'dir/sub' member - 2. one-second delay - 3. stderr write: 'tar: Write checkpoint 3' - 4. write the member 'dir/sub' into the archive - 5. check that the member's ctime has not been changed - 6. genfile's detecting 'Write checkpoint', doing unlink - ... - -But sometimes, the genfile was fast enough to win the race and -unlinked the directory before the member was written into the -archive (IOW, the order was 1-2-3-6-4-5). This led to the -occasional warning 'tar: dir/sub: file changed as we read it'. - -Swap the order of 'sleep=1' and 'echo' actions so the genfile -utility has (hopefully) enough time to do the unlink before -writing the file into the archive (enforce 1-2-3-6-4-5 order). - -* tests/dirrem01.at: Swap 'sleep=1' and 'echo' actions. -* tests/dirrem02.at: Likewise. ---- - tests/dirrem01.at | 5 +++-- - tests/dirrem02.at | 7 ++++--- - 2 files changed, 7 insertions(+), 5 deletions(-) - -diff --git a/tests/dirrem01.at b/tests/dirrem01.at -index 40344dc..dabc206 100644 ---- a/tests/dirrem01.at -+++ b/tests/dirrem01.at -@@ -47,14 +47,15 @@ gnu) CPT=3;; - esac - - genfile --run --checkpoint=$CPT --unlink dir/sub/file2 --unlink dir/sub -- \ -- tar --blocking-factor=1 --checkpoint=1 --checkpoint-action='sleep=1' \ -- --checkpoint-action='echo' -c -f archive.tar \ -+ tar --blocking-factor=1 --checkpoint=1 --checkpoint-action='echo' \ -+ --checkpoint-action='sleep=1' -c -f archive.tar \ - --listed-incremental db -v dir >/dev/null - ], - [1], - [ignore], - [tar: dir: Directory is new - tar: dir/sub: Directory is new -+tar: dir/sub: file changed as we read it - tar: dir/sub: File removed before we read it - ],[],[],[gnu,posix]) - -diff --git a/tests/dirrem02.at b/tests/dirrem02.at -index e1cf9ef..924454f 100644 ---- a/tests/dirrem02.at -+++ b/tests/dirrem02.at -@@ -20,7 +20,7 @@ - - # Description: - # --# When an explicitley named directory disappears during creation -+# When an explicitly named directory disappears during creation - # of incremental dump, tar should still exit with TAREXIT_FAILURE (2). - # - # For further details see dirrem01.at -@@ -44,14 +44,15 @@ gnu) CPT=3;; - esac - - genfile --run --checkpoint=$CPT --unlink dir/sub/file2 --unlink dir/sub -- \ -- tar --blocking-factor=1 --checkpoint=1 --checkpoint-action='sleep=1' \ -- --checkpoint-action='echo' -c -f archive.tar \ -+ tar --blocking-factor=1 --checkpoint=1 --checkpoint-action='echo' \ -+ --checkpoint-action='sleep=1' -c -f archive.tar \ - --listed-incremental db -v dir dir/sub >/dev/null - ], - [2], - [ignore], - [tar: dir: Directory is new - tar: dir/sub: Directory is new -+tar: dir/sub: file changed as we read it - tar: dir/sub: Cannot open: No such file or directory - tar: Exiting with failure status due to previous errors - ],[],[],[gnu,posix]) --- -cgit v1.0-41-gc330 - diff --git a/tar-1.30.tar.bz2 b/tar-1.30.tar.bz2 deleted file mode 100644 index 88f8660..0000000 --- a/tar-1.30.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:87592b86cb037c554375f5868bdd3cc57748aef38d6cb741c81065f0beac63b7 -size 2858639 diff --git a/tar-1.30.tar.bz2.sig b/tar-1.30.tar.bz2.sig deleted file mode 100644 index bf12ecf..0000000 --- a/tar-1.30.tar.bz2.sig +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.15 (GNU/Linux) - -iEYEABECAAYFAlo2WDAACgkQNgKwf1XQxzJ5dgCff14Rh/AJ7EwFNzP7fij1CBFN -bDsAoKMr0vWfos0xmmd3/9egDryGJLjU -=p7/W ------END PGP SIGNATURE----- diff --git a/tar-1.31-racy_compress_tests.patch b/tar-1.31-racy_compress_tests.patch new file mode 100644 index 0000000..b7cb7ab --- /dev/null +++ b/tar-1.31-racy_compress_tests.patch @@ -0,0 +1,271 @@ +From 9af3ae33108e5a1d281d75d29938fe8c6ffcd218 Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff +Date: Mon, 14 Jan 2019 18:08:21 +0200 +Subject: [PATCH] Fix compression tests + +Existing compression tests used tar with compiled-in defaults. However, +some of the defaults are sure to create archives that are not byte-to-byte +reproducible (e.g. DEFAULT_ARCHIVE_FORMAT=POSIX, because the name field +in posix extended headers uses PID of the creating process by default). +Moreover, some compressors (e.g. gzip) store current timestamp in +the file header when compressing from stdin, so that using cmp on the +two created archives as the tests did is error-prone. Another problem +is that the tests implicitly assumed that tar uses archive suffix to +recognize its format when extracting, which isn't the case. Finally, +there's hardly any reason in using sed to create m4 sources, when +everything can be achieved by m4 itself. + +* tests/Makefile.am: Remove generation of compress-*.at files. +* tests/compress.at.in: Remove. +* tests/compress.m4: New file. +* tests/testsuite.at: Include compress.m4, use TAR_CHECK_COMPRESS to +check compression options. +--- + tests/Makefile.am | 45 ++--------------------------- + tests/compress.at.in | 67 -------------------------------------------- + tests/compress.m4 | 56 ++++++++++++++++++++++++++++++++++++ + tests/testsuite.at | 13 +++++---- + 4 files changed, 65 insertions(+), 116 deletions(-) + delete mode 100644 tests/compress.at.in + create mode 100644 tests/compress.m4 + +diff --git a/tests/Makefile.am b/tests/Makefile.am +index 4750acb..a29f626 100644 +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -19,7 +19,7 @@ + + EXTRA_DIST = $(TESTSUITE_AT) \ + testsuite package.m4 star/README star/quicktest.sh \ +- compress.at.in ++ compress.m4 + + DISTCLEANFILES = atconfig $(check_SCRIPTS) + MAINTAINERCLEANFILES = Makefile.in $(TESTSUITE) +@@ -47,6 +47,7 @@ $(srcdir)/package.m4: $(top_srcdir)/configure.ac + + TESTSUITE_AT = \ + testsuite.at\ ++ compress.m4\ + T-cd.at\ + T-dir00.at\ + T-dir01.at\ +@@ -70,12 +71,6 @@ TESTSUITE_AT = \ + chtype.at\ + comprec.at\ + comperr.at\ +- compress-zstd.at\ +- compress-xz.at\ +- compress-bzip2.at\ +- compress-gzip.at\ +- compress-lzip.at\ +- compress-lzop.at\ + delete01.at\ + delete02.at\ + delete03.at\ +@@ -277,42 +272,6 @@ TESTSUITE_AT = \ + selacl01.at\ + capabs_raw01.at + +-CLEANFILES += compress-zstd.at +-compress-zstd.at: compress.at.in +- $(AM_V_GEN)rm -rf $@ $@-t +- $(AM_V_at)sed 's/@tool@/zstd/g;s/@suff@/zst/g;s/@suff2@/tzst/g;' \ +- $(srcdir)/compress.at.in > $@-t && chmod a-w $@-t && mv $@-t $@ +- +-CLEANFILES += compress-gzip.at +-compress-gzip.at: compress.at.in +- $(AM_V_GEN)rm -rf $@ $@-t +- $(AM_V_at)sed 's/@tool@/gzip/g;s/@suff@/gz/g;s/@suff2@/tgz/g;' \ +- $(srcdir)/compress.at.in > $@-t && chmod a-w $@-t && mv $@-t $@ +- +-CLEANFILES += compress-xz.at +-compress-xz.at: compress.at.in +- $(AM_V_GEN)rm -rf $@ $@-t +- $(AM_V_at)sed 's/@tool@/xz/g;s/@suff@/xz/g;s/@suff2@/txz/g;' \ +- $(srcdir)/compress.at.in > $@-t && chmod a-w $@-t && mv $@-t $@ +- +-CLEANFILES += compress-bzip2.at +-compress-bzip2.at: compress.at.in +- $(AM_V_GEN)rm -rf $@ $@-t +- $(AM_V_at)sed 's/@tool@/bzip2/g;s/@suff@/bz2/g;s/@suff2@/tbz2/g;' \ +- $(srcdir)/compress.at.in > $@-t && chmod a-w $@-t && mv $@-t $@ +- +-CLEANFILES += compress-lzip.at +-compress-lzip.at: compress.at.in +- $(AM_V_GEN)rm -rf $@ $@-t +- $(AM_V_at)sed 's/@tool@/lzip/g;s/@suff@/lz/g;s/@suff2@//g;' \ +- $(srcdir)/compress.at.in > $@-t && chmod a-w $@-t && mv $@-t $@ +- +-CLEANFILES += compress-lzop.at +-compress-lzop.at: compress.at.in +- $(AM_V_GEN)rm -rf $@ $@-t +- $(AM_V_at)sed 's/@tool@/lzop/g;s/@suff@/lzo/g;s/@suff2@//g;' \ +- $(srcdir)/compress.at.in > $@-t && chmod a-w $@-t && mv $@-t $@ +- + distclean-local: + -rm -rf download + +diff --git a/tests/compress.at.in b/tests/compress.at.in +deleted file mode 100644 +index 91a6af2..0000000 +--- a/tests/compress.at.in ++++ /dev/null +@@ -1,67 +0,0 @@ +-# Process this file with autom4te to create testsuite. -*- Autotest -*- +- +-# Test suite for GNU tar. +-# Copyright 2018-2019 Free Software Foundation, Inc. +- +-# This file is part of GNU tar. +- +-# GNU tar is free software; you can redistribute it and/or modify +-# it under the terms of the GNU General Public License as published by +-# the Free Software Foundation; either version 3 of the License, or +-# (at your option) any later version. +- +-# GNU tar is distributed in the hope that it will be useful, +-# but WITHOUT ANY WARRANTY; without even the implied warranty of +-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +-# GNU General Public License for more details. +- +-# You should have received a copy of the GNU General Public License +-# along with this program. If not, see . +- +-# tar can create/decompress @tool@-compressed tarballs +- +-AT_SETUP([compress: @tool@]) +-AT_KEYWORDS([compression @tool@]) +- +-unset TAR_OPTIONS +- +-AT_CHECK([ +-AT_GZIP_PREREQ([@tool@]) +- +-touch empty +-# Create with --@tool@: +-tar --@tool@ -cf - empty 2>err > k.tar.@suff@ || exit 1 +-test -s err && exit 1 +-tar tf k.tar.@suff@ 2>err > out || exit 1 +-test "$(cat out)" = empty || exit 1 +-test -s err && exit 1 +- +-# Ensure -ac works with an -f-specified .@suff@-suffixed name. +-tar -acf k2.tar.@suff@ empty 2>err > out || exit 1 +-cmp k2.tar.@suff@ k.tar.@suff@ || exit 1 +-test -s err && exit 1 +- +-# Extraction: ensure the .@suff@ suffix is recognized. +-rm -f empty || exit 1 +-tar xf k.tar.@suff@ 2>err > out || exit 1 +-test -s err && exit 1 +-test -f empty || exit 1 +- +-if test -n '@suff2@'; then +- # Extraction: ensure the .@suff2@ suffix is also recognized. +- mv k.tar.@suff@ k.@suff2@ || exit 1 +- rm -f empty +- tar xf k.@suff2@ 2>err > out || exit 1 +- test -s err && exit 1 +- test -f empty || exit 1 +-else +- : +-fi +- +-], +-[0], +-[], +-[], +-[],[]) +- +-AT_CLEANUP +diff --git a/tests/compress.m4 b/tests/compress.m4 +new file mode 100644 +index 0000000..1f22632 +--- /dev/null ++++ b/tests/compress.m4 +@@ -0,0 +1,56 @@ ++# This file is part of GNU tar testsuite. -*- Autotest -*- ++# Copyright 2018-2019 Free Software Foundation, Inc. ++# ++# GNU tar is free software; you can redistribute it and/or modify ++# it under the terms of the GNU General Public License as published by ++# the Free Software Foundation; either version 3 of the License, or ++# (at your option) any later version. ++# ++# GNU tar is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++# GNU General Public License for more details. ++# ++# You should have received a copy of the GNU General Public License ++# along with this program. If not, see . ++ ++dnl TAR_CHECK_COMPRESS(TOOL, SUF[, SUF2]) ++dnl Tests whether tar can create archives using TOOL (i.e. using the --TOOL ++dnl command line option). SUF and optional SUF2 are suffixes for created ++dnl archives (without leading dot). Tar should be able to use TOOL to ++dnl automatically decompress archives with names ending on these suffixes. ++m4_define([TAR_CHECK_COMPRESS], ++[AT_SETUP([compress: $1]) ++AT_KEYWORDS([compression compress-$1 $1]) ++ ++AT_CHECK([ ++AT_GZIP_PREREQ($1) ++unset TAR_OPTIONS ++ ++touch empty ++set -e ++: create with --$1 ++tar --$1 -cf k.tar.$2 empty ++tar tf k.tar.$2 ++ ++m4_foreach([SUF], m4_quote(m4_shift($@)), ++[ ++echo testing .SUF ++tar -acf k2.tar.SUF empty ++cat k2.tar.SUF | $1 -d > k.SUF.tar ++tar tf k.SUF.tar ++]) ++ ++# Extraction: ensure compressed format is correctly recognized ++rm -f empty ++tar xf k.tar.$2 ++test -f empty ++], ++[0], ++[empty ++m4_foreach([SUF],m4_quote(m4_shift($@)),[testing .SUF ++empty ++])]) ++ ++AT_CLEANUP ++]) +diff --git a/tests/testsuite.at b/tests/testsuite.at +index f751bcf..ce25c96 100644 +--- a/tests/testsuite.at ++++ b/tests/testsuite.at +@@ -217,13 +217,14 @@ m4_include([opcomp05.at]) + m4_include([opcomp06.at]) + + AT_BANNER([Compression]) +-m4_include([compress-gzip.at]) +-m4_include([compress-bzip2.at]) +-m4_include([compress-xz.at]) ++m4_include([compress.m4]) ++TAR_CHECK_COMPRESS(gzip, gz, tgz) ++TAR_CHECK_COMPRESS(bzip2, bz2, tbz2) ++TAR_CHECK_COMPRESS(xz, xz, txz) + dnl: omit lzma, because it would fail due to magic number mismatch +-m4_include([compress-lzip.at]) +-m4_include([compress-lzop.at]) +-m4_include([compress-zstd.at]) ++TAR_CHECK_COMPRESS(lzip, lz) ++TAR_CHECK_COMPRESS(lzop, lzo) ++TAR_CHECK_COMPRESS(zstd, zst, tzst) + + AT_BANNER([Positional options]) + m4_include([positional01.at]) +-- +2.20.1 + diff --git a/tar-1.31-tests_dirrem.patch b/tar-1.31-tests_dirrem.patch new file mode 100644 index 0000000..6d5345c --- /dev/null +++ b/tar-1.31-tests_dirrem.patch @@ -0,0 +1,81 @@ +From f86722c34c92f265bc9a20cb171d2fcfeab7d341 Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff +Date: Mon, 14 Jan 2019 12:26:59 +0200 +Subject: [PATCH] Fix expected output in dirrem tests. + +In both tests, the "file changed as we read it" warning might be +produced for dir/sub, depending on the ctime resolution and timing. +The problem was fixed by 64b43fdf70d82c39eb2ca900cd4f8e49, but regressed +after e7cd377f7801d42aa8e07addff93d2150666c237, which removed 1 second +delays between each pair of checkpoints. Since the presense or absense +of this warning is irrelevant for the test, it is now suppressed. + +* tests/dirrem01.at: Suppress the file-changed warning. +* tests/dirrem02.at: Likewise. +--- + tests/dirrem01.at | 15 ++++++++++----- + tests/dirrem02.at | 5 +++-- + 2 files changed, 13 insertions(+), 7 deletions(-) + +diff --git a/tests/dirrem01.at b/tests/dirrem01.at +index 0a9c9e5..24bf392 100644 +--- a/tests/dirrem01.at ++++ b/tests/dirrem01.at +@@ -27,9 +27,13 @@ + # it prints a warning and exits with TAREXIT_DIFFERS. + # + # This test checks whether this behaviour is mimicked for directories, too. +- +-# Remark: This file is based on 'filerem01.at', which is the test-case for +-# a vanishing file. ++# ++# Notes: ++# 1. This file is based on 'filerem01.at', which is the test-case for ++# a vanishing file. ++# 2. Depending on the stat.st_ctime resolution, the "file changed as we ++# read it" warning might be issued for dir/sub. The test takes care to ++# suppress it. + + AT_SETUP([directory removed before reading]) + AT_KEYWORDS([create incremental listed dirchange dirrem dirrem01]) +@@ -48,13 +52,14 @@ esac + + genfile --run --checkpoint=$CPT --unlink dir/sub/file2 --unlink dir/sub -- \ + tar --blocking-factor=1 -c -f archive.tar \ +- --listed-incremental db -v dir >/dev/null ++ --listed-incremental db \ ++ --warning=no-file-changed \ ++ -v dir >/dev/null + ], + [1], + [ignore], + [tar: dir: Directory is new + tar: dir/sub: Directory is new +-tar: dir/sub: file changed as we read it + tar: dir/sub: File removed before we read it + ],[],[],[gnu,posix]) + +diff --git a/tests/dirrem02.at b/tests/dirrem02.at +index c314484..3c63bbe 100644 +--- a/tests/dirrem02.at ++++ b/tests/dirrem02.at +@@ -45,13 +45,14 @@ esac + + genfile --run --checkpoint=$CPT --unlink dir/sub/file2 --unlink dir/sub -- \ + tar --blocking-factor=1 -c -f archive.tar \ +- --listed-incremental db -v dir dir/sub >/dev/null ++ --listed-incremental db \ ++ --warning=no-file-changed \ ++ -v dir dir/sub >/dev/null + ], + [2], + [ignore], + [tar: dir: Directory is new + tar: dir/sub: Directory is new +-tar: dir/sub: file changed as we read it + tar: dir/sub: Cannot open: No such file or directory + tar: Exiting with failure status due to previous errors + ],[],[],[gnu,posix]) +-- +2.20.1 + diff --git a/tar-1.31.tar.bz2 b/tar-1.31.tar.bz2 new file mode 100644 index 0000000..739945d --- /dev/null +++ b/tar-1.31.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:577bd4463eea103bdfc662fc385789e2228dbeb399a1d0b98571ed9ce044f763 +size 2946047 diff --git a/tar-1.31.tar.bz2.sig b/tar-1.31.tar.bz2.sig new file mode 100644 index 0000000..713a552 --- /dev/null +++ b/tar-1.31.tar.bz2.sig @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- + +iG4EABECAC4WIQQyX2UMTCtq1YgHMno2ArB/VdDHMgUCXC0H2RAcZ3JheUBnbnUu +b3JnLnVhAAoJEDYCsH9V0McydREAoI/F9a+XwDVL+FC7kE5xcZp9ZETwAJwMbKr9 +U+J2kZEqlnzS2Ig0f3PTKQ== +=Ws0e +-----END PGP SIGNATURE----- diff --git a/tar.changes b/tar.changes index a6af9f9..8bc00ae 100644 --- a/tar.changes +++ b/tar.changes @@ -1,3 +1,33 @@ +------------------------------------------------------------------- +Thu Feb 14 12:20:29 UTC 2019 - kstreitova@suse.com + +- update to version 1.31 + * Fix heap-buffer-overrun with --one-top-level, bug introduced + with the addition of that option in 1.28 + * Support for zstd compression + * New option '--zstd' instructs tar to use zstd as compression + program. When listing, extractng and comparing, zstd compressed + archives are recognized automatically. When '-a' option is in + effect, zstd compression is selected if the destination archive + name ends in '.zst' or '.tzst'. + * The -K option interacts properly with member names given in the + command line. Names of members to extract can be specified along + with the "-K NAME" option. In this case, tar will extract NAME + and those of named members that appear in the archive after it, + which is consistent with the semantics of the option. Previous + versions of tar extracted NAME, those of named members that + appeared before it, and everything after it. + * Fix CVE-2018-20482 - When creating archives with the --sparse + option, previous versions of tar would loop endlessly if a + sparse file had been truncated while being archived. +- remove the following patches (upstreamed) + * tar-1.30-tests-difflink.patch + * tar-1.30-tests_dirrem_race.patch +- refresh add_readme-tests.patch +- add tar-1.31-tests_dirrem.patch to fix expected output in dirrem + tests +- add tar-1.31-racy_compress_tests.patch to fix compression tests + ------------------------------------------------------------------- Fri May 11 10:41:40 UTC 2018 - kstreitova@suse.com diff --git a/tar.spec b/tar.spec index 2f537f1..34c4168 100644 --- a/tar.spec +++ b/tar.spec @@ -1,7 +1,7 @@ # # spec file for package tar # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,7 +19,7 @@ # For correct subpackages docs installation into tar doc directory %global _docdir_fmt %{name} Name: tar -Version: 1.30 +Version: 1.31 Release: 0 Summary: GNU implementation of ((t)ape (ar)chiver) License: GPL-3.0-or-later @@ -40,10 +40,8 @@ Patch3: %{name}-ignore_lone_zero_blocks.patch #https://bugzilla.opensuse.org/show_bug.cgi?id=918487 Patch4: %{name}-recursive--files-from.patch Patch5: add_readme-tests.patch -# PATCH-FIX-UPSTREAM kstreitova@suse.com -- fix difflink.at test -Patch6: tar-1.30-tests-difflink.patch -# PATCH-FIX-UPSTREAM kstreitova@suse.com -- fix race in dirrem01 and dirrem02 tests -Patch7: tar-1.30-tests_dirrem_race.patch +Patch6: tar-1.31-tests_dirrem.patch +Patch7: tar-1.31-racy_compress_tests.patch BuildRequires: automake BuildRequires: libacl-devel BuildRequires: libattr-devel