tar: Update to 1.31, including fix for bug #11958
authorMatthias Fischer <matthias.fischer@ipfire.org>
Thu, 10 Jan 2019 13:29:22 +0000 (14:29 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Mon, 7 Jan 2019 01:31:43 +0000 (01:31 +0000)
commit042a5fe60a51277d3d1c717c207858dce1d28ff1
tree8db198f3421a6e51b83a0c0070b8c9519767d737
parentd381c56dc82e10ce01e68bb24b197dce0fa10580
tar: Update to 1.31, including fix for bug #11958

For details see:

http://savannah.gnu.org/forum/forum.php?forum_id=9344

"- Fix heap-buffer-overrun with --one-top-level.
- Support for zstd compression.
- The -K option interacts properly with member names given in the command line.
- Fix CVE-2018-20482"

This patch was reverted because 'tar 1.31' crashed when installing PakFire packages
with the option '--no-overwrite-dir'.
See: https://bugzilla.ipfire.org/show_bug.cgi?id=11958

Included is now a patch from https://savannah.gnu.org/bugs/?55413, which seems to fix this issue.
The test cases given in https://savannah.gnu.org/bugs/?55413#comment1 ran without problems.

As always, please check and confirm.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
lfs/tar
src/patches/tar/01_extract.c.patch [new file with mode: 0644]