Overview
Request 865238 superseded
- updated to version 0.9
see installed History.md
## 0.9 / 2019-09-04
* jtappa added the ability to skip fsync with a new option to Minitar.unpack
and Minitar::Input#extract_entry. Provide `:fsync => false` as the last
parameter to enable. Merged from a modified version of PR [#37][].
- updated to version 0.8
see installed History.md
## 0.8 / 2019-01-05
* inkstak resolved an issue introduced in the fix for [#31][] by allowing
spaces to be considered valid characters in strict octal handling. Octal
conversion ignores leading spaces. Merged from a slightly modified version
of PR [#35][].
* dearblue contributed PR [#32][] providing an explicit call to #bytesize for
strings that include multibyte characters. The PR has been modified to be
compatible with older versions of Ruby and extend tests.
* Akinori MUSHA (knu) contributed PR [#36][] that treats certain badly
encoded regular files (with names ending in `/`) as if they were
directories on decode.
- updated to version 0.7
see installed History.md
## 0.7 / 2018-02-19
* Fixed issue [#28][] with a modified version of PR [#29][] covering the
security policy and position for Minitar. Thanks so much to ooooooo\_q for
the report and an initial patch. Additional information was added as
[#30][].
* dearblue contributed PR [#33][] providing a fix for Minitar::Reader when
the IO-like object does not have a `#pos` method.
* Kevin McDermott contributed PR [#34][] so that an InvalidTarStream is
raised if the tar header is not valid, preventing incorrect streaming of
files from a non-tarfile. This is a minor breaking change, so the version
has been bumped accordingly.
* Kazuyoshi Kato contributed PR [#26][] providing support for the GNU tar
long filename extension.
* Addressed a potential DOS with negative size fields in tar headers
([#31][]). This has been handled in two ways: the size field in a tar
header is interpreted as a strict octal value and the Minitar reader will
raise an InvalidTarStream if the size ends up being negative anyway.
- Remove patch for CVE-2016-10173
This vulneribility has been fixed by upstream with v0.6.1:
https://github.com/halostatue/minitar/commit/30e62689b614938dc96b4f2cb8e033e72f650670
- updated to version 0.6.1
ChangeLog removed upstream
- Created by coolo
- In state superseded
- Supersedes 679521 773787
- Superseded by 865298
-
Open review for
licensedigger
-
Open review for
factory-staging
Request History
coolo created request
- updated to version 0.9
see installed History.md
## 0.9 / 2019-09-04
* jtappa added the ability to skip fsync with a new option to Minitar.unpack
and Minitar::Input#extract_entry. Provide `:fsync => false` as the last
parameter to enable. Merged from a modified version of PR [#37][].
- updated to version 0.8
see installed History.md
## 0.8 / 2019-01-05
* inkstak resolved an issue introduced in the fix for [#31][] by allowing
spaces to be considered valid characters in strict octal handling. Octal
conversion ignores leading spaces. Merged from a slightly modified version
of PR [#35][].
* dearblue contributed PR [#32][] providing an explicit call to #bytesize for
strings that include multibyte characters. The PR has been modified to be
compatible with older versions of Ruby and extend tests.
* Akinori MUSHA (knu) contributed PR [#36][] that treats certain badly
encoded regular files (with names ending in `/`) as if they were
directories on decode.
- updated to version 0.7
see installed History.md
## 0.7 / 2018-02-19
* Fixed issue [#28][] with a modified version of PR [#29][] covering the
security policy and position for Minitar. Thanks so much to ooooooo\_q for
the report and an initial patch. Additional information was added as
[#30][].
* dearblue contributed PR [#33][] providing a fix for Minitar::Reader when
the IO-like object does not have a `#pos` method.
* Kevin McDermott contributed PR [#34][] so that an InvalidTarStream is
raised if the tar header is not valid, preventing incorrect streaming of
files from a non-tarfile. This is a minor breaking change, so the version
has been bumped accordingly.
* Kazuyoshi Kato contributed PR [#26][] providing support for the GNU tar
long filename extension.
* Addressed a potential DOS with negative size fields in tar headers
([#31][]). This has been handled in two ways: the size field in a tar
header is interpreted as a strict octal value and the Minitar reader will
raise an InvalidTarStream if the size ends up being negative anyway.
- Remove patch for CVE-2016-10173
This vulneribility has been fixed by upstream with v0.6.1:
https://github.com/halostatue/minitar/commit/30e62689b614938dc96b4f2cb8e033e72f650670
- updated to version 0.6.1
ChangeLog removed upstream
factory-auto declined review
Output of check script:
A patch (bsc_1021740.patch) is being deleted without this removal being mentioned in the changelog.
factory-auto declined request
Output of check script:
A patch (bsc_1021740.patch) is being deleted without this removal being mentioned in the changelog.
superseded by 865298
