Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11]) by narn.NetBSD.org (Postfix) with ESMTP id 554B263B8A2 for ; Fri, 1 Feb 2008 11:58:57 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 0) id 7416F63B110; Fri, 1 Feb 2008 11:58:51 +0000 (UTC) Received: from cvs.netbsd.org (cvs.netbsd.org [204.152.190.10]) by mail.netbsd.org (Postfix) with ESMTP id 6A91163B100 for ; Fri, 1 Feb 2008 11:58:50 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 88ED521507; Fri, 1 Feb 2008 11:59:03 +0000 (UTC) From: Ulrich Habel Subject: CVS commit: pkgsrc/archivers/p5-Archive-Tar To: pkgsrc-changes@NetBSD.org Reply-To: rhaen@netbsd.org Message-Id: <20080201115903.88ED521507@cvs.netbsd.org> Date: Fri, 1 Feb 2008 11:59:03 +0000 (UTC) Sender: pkgsrc-changes-owner@NetBSD.org Precedence: list Module Name: pkgsrc Committed By: rhaen Date: Fri Feb 1 11:59:03 UTC 2008 Modified Files: pkgsrc/archivers/p5-Archive-Tar: Makefile distinfo Log Message: - updated to 1.38 - ok'ed by rillig ChangeLog: * important changes in vesrion 1.38 14/12/2007: - Promote 1.37_01 to stable. * important changes in version 1.37_01 11/11/2007: _ Address #30380: directory traversal vulnerability in Archive-Tar - Add $INSECURE_EXTRACT_MODE which defaults to 0, disallowing archives to extract files outside of cwd(). This is a backwards incompatible change from 1.36 and before. - Add a -I option to ptar to enable insecure extraction if needed To generate a diff of this commit: cvs rdiff -r1.28 -r1.29 pkgsrc/archivers/p5-Archive-Tar/Makefile cvs rdiff -r1.13 -r1.14 pkgsrc/archivers/p5-Archive-Tar/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.