stable

libarchive-3.1.2-15.fc23

FEDORA-2016-8491ec1ebd created by praiskup 8 years ago for Fedora 23

fix manual pages to mention correctly spelled binary names (#1294252), fix CVE-2016-1541, #1334213

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2016-8491ec1ebd

This update has been submitted for testing by praiskup. This critical path update has not yet been approved for pushing to the stable repository. It must first reach a karma of 2, consisting of 0 positive karma from proventesters, along with 2 additional karma from the community. Or, it must spend 14 days in testing without any negative feedback.

8 years ago

This update has been pushed to testing.

8 years ago
User Icon scfc commented & provided feedback 8 years ago

Unfortunately, the automatic replacing misses three spots where "bsdtar" is meant:

  1. In the manual title, "TAR(1)" (".Dt TAR 1").
  2. In a command example, "$ tar -cvf output.tar @input.mtree" (".Dl $ tar -cvf output.tar @input.mtree").
  3. In the section "Compatibility", "For maximum portability, scripts that invoke tar should use the bundled-argument format above, […]".

I looked at all other matches of "\b(bsd)?tar\b" and they appeared correct to me.

BZ#1294252 Man page for bsdtar(1) claims that it is for tar(1)
User Icon filiperosset commented & provided feedback 8 years ago
karma

no regressions noted

User Icon cserpentis commented & provided feedback 8 years ago
karma

works for me

This update has been submitted for stable by bodhi.

8 years ago
User Icon nonamedotc commented & provided feedback 8 years ago
karma

looks fine here

This update has been pushed to stable.

8 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
8 years ago
in testing
8 years ago
in stable
8 years ago
BZ#1294252 Man page for bsdtar(1) claims that it is for tar(1)
-1
0
BZ#1334213 CVE-2016-1541 libarchive: heap-based buffer overflow due to improper input validation [fedora-all]
0
0

Automated Test Results