ZhuningOS/tar
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Initialize for tar

Browse source
This commit is contained in:
zyppe 2024-02-05 15:30:42 +08:00
commit 09b05a0b95
23 changed files with 2249 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored Normal file
View file

@ -0,0 +1 @@
tar-1.34.tar.xz

1
.tar.metadata Normal file
View file

@ -0,0 +1 @@
8fb8b6de78fd296285453d378e1e939fabbc4ef148b8228e917df76f8949b745 tar-1.34.tar.xz

39
add_readme-tests.patch Normal file
View file

@ -0,0 +1,39 @@
Index: tar-1.33/Makefile.in
===================================================================
--- tar-1.33.orig/Makefile.in
+++ tar-1.33/Makefile.in
@@ -348,6 +348,7 @@ am__DIST_COMMON = $(srcdir)/Make.rules $
$(top_srcdir)/build-aux/install-sh \
$(top_srcdir)/build-aux/missing ABOUT-NLS AUTHORS COPYING \
ChangeLog INSTALL NEWS README THANKS TODO build-aux/ar-lib \
+ README-tests \
build-aux/compile build-aux/config.guess \
build-aux/config.rpath build-aux/config.sub build-aux/depcomp \
build-aux/install-sh build-aux/mdate-sh build-aux/missing \
Index: tar-1.33/README-tests
===================================================================
--- /dev/null
+++ tar-1.33/README-tests
@@ -0,0 +1,22 @@
+Subpackage tar-tests
+====================
+
+The tar-tests package contains the testsuite which is included in tar sources.
+The testsuite is normally run during make phase (make check) and is also
+automatically run when the tar rpm is being build (in %check section of spec
+file).
+
+Normally, there is no reason to need the tar-tests package. It can however be
+used to verify, that tar functions properly in an installed system (e.g. to
+find issues in tar's dependencies, problems with incompatible libraries, etc.).
+
+Testsuite is installed into /var/lib/tests/tar
+
+To run the testsuite:
+
+cd /var/lib/tests/tar
+./testsuite --help # show options
+
+# needed for genfile binary used in tests
+./testsuite AUTOTEST_PATH=/var/lib/tests/tar/bin [other options]
+

71
bsc1200657.patch Normal file
View file

@ -0,0 +1,71 @@
From 79d1ac38c19faad64f0e993180bf1ad27f217072 Mon Sep 17 00:00:00 2001
From: James Abbatiello <abbeyj@gmail.com>
Date: Fri, 10 Jun 2022 18:25:13 -0700
Subject: tar: fix race condition
Problem reported in:
https://lists.gnu.org/r/bug-tar/2022-03/msg00000.html
* src/extract.c (make_directories): Retry the file creation as
long as the directory exists, regardless of whether tar itself
created the directory.
Copyright-paperwork-exempt: Yes
---
src/extract.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/src/extract.c b/src/extract.c
index 0753dec..fda4617 100644
--- a/src/extract.c
+++ b/src/extract.c
@@ -638,10 +638,9 @@ fixup_delayed_set_stat (char const *src, char const *dst)
/* After a file/link/directory creation has failed due to ENOENT,
create all required directories. Return zero if all the required
- directories were created, nonzero (issuing a diagnostic) otherwise.
- Set *INTERDIR_MADE if at least one directory was created. */
+ directories were created, nonzero (issuing a diagnostic) otherwise. */
static int
-make_directories (char *file_name, bool *interdir_made)
+make_directories (char *file_name)
{
char *cursor0 = file_name + FILE_SYSTEM_PREFIX_LEN (file_name);
char *cursor; /* points into the file name */
@@ -685,7 +684,6 @@ make_directories (char *file_name, bool *interdir_made)
desired_mode, AT_SYMLINK_NOFOLLOW);
print_for_mkdir (file_name, cursor - file_name, desired_mode);
- *interdir_made = true;
parent_end = NULL;
}
else
@@ -841,8 +839,11 @@ maybe_recoverable (char *file_name, bool regular, bool *interdir_made)
case ENOENT:
/* Attempt creating missing intermediate directories. */
- if (make_directories (file_name, interdir_made) == 0)
- return RECOVER_OK;
+ if (make_directories (file_name) == 0)
+ {
+ *interdir_made = true;
+ return RECOVER_OK;
+ }
break;
default:
@@ -1944,12 +1945,11 @@ rename_directory (char *src, char *dst)
else
{
int e = errno;
- bool interdir_made;
switch (e)
{
case ENOENT:
- if (make_directories (dst, &interdir_made) == 0)
+ if (make_directories (dst) == 0)
{
if (renameat (chdir_fd, src, chdir_fd, dst) == 0)
return true;
--
cgit v1.1

65
bsc1202436-1.patch Normal file
View file

@ -0,0 +1,65 @@
From edf38d13a47becec81b2c3a2b74f54771e1cbee4 Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Sat, 11 Feb 2023 13:03:23 +0200
Subject: Prevent dead loop in extract_file
* src/extract.c (maybe_recoverable): If make_directories indicates
success, suppose some intermediate directories have been made, even
if in fact they have not. That's necessary to avoid dead loops when
maybe_recoverable is called with the same arguments again.
---
src/extract.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/src/extract.c b/src/extract.c
index 2d43947..aec5de6 100644
--- a/src/extract.c
+++ b/src/extract.c
@@ -682,7 +682,7 @@ fixup_delayed_set_stat (char const *src, char const *dst)
directories were created, nonzero (issuing a diagnostic) otherwise.
Set *INTERDIR_MADE if at least one directory was created. */
static int
-make_directories (char *file_name, bool *interdir_made)
+make_directories (char *file_name)
{
char *cursor0 = file_name + FILE_SYSTEM_PREFIX_LEN (file_name);
char *cursor; /* points into the file name */
@@ -726,7 +726,6 @@ make_directories (char *file_name, bool *interdir_made)
desired_mode, AT_SYMLINK_NOFOLLOW);
print_for_mkdir (file_name, cursor - file_name, desired_mode);
- *interdir_made = true;
parent_end = NULL;
}
else
@@ -882,8 +881,11 @@ maybe_recoverable (char *file_name, bool regular, bool *interdir_made)
case ENOENT:
/* Attempt creating missing intermediate directories. */
- if (make_directories (file_name, interdir_made) == 0)
- return RECOVER_OK;
+ if (make_directories (file_name) == 0)
+ {
+ *interdir_made = true;
+ return RECOVER_OK;
+ }
break;
default:
@@ -1985,12 +1987,11 @@ rename_directory (char *src, char *dst)
else
{
int e = errno;
- bool interdir_made;
switch (e)
{
case ENOENT:
- if (make_directories (dst, &interdir_made) == 0)
+ if (make_directories (dst) == 0)
{
if (renameat (chdir_fd, src, chdir_fd, dst) == 0)
return true;
--
cgit v1.1

47
bsc1202436-2.patch Normal file
View file

@ -0,0 +1,47 @@
From 5e8a915b16c5f06d2a16d98cdc2af666199caabb Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Sat, 11 Feb 2023 14:21:05 +0200
Subject: Changes in extended header decoder
* src/xheader.c (decode_time): Fix error detection.
(raw_path_decoder): Ignore empty paths.
---
src/xheader.c | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/src/xheader.c b/src/xheader.c
index 7ff216b..a195f3e 100644
--- a/src/xheader.c
+++ b/src/xheader.c
@@ -1059,6 +1059,12 @@ decode_time (struct timespec *ts, char const *arg, char const *keyword)
keyword, arg));
return false;
}
+ if (*arg_lim)
+ {
+ ERROR ((0, 0, _("Malformed extended header: invalid %s=%s"),
+ keyword, arg));
+ return false;
+ }
*ts = t;
return true;
@@ -1247,9 +1253,12 @@ path_coder (struct tar_stat_info const *st, char const *keyword,
static void
raw_path_decoder (struct tar_stat_info *st, char const *arg)
{
- decode_string (&st->orig_file_name, arg);
- decode_string (&st->file_name, arg);
- st->had_trailing_slash = strip_trailing_slashes (st->file_name);
+ if (*arg)
+ {
+ decode_string (&st->orig_file_name, arg);
+ decode_string (&st->file_name, arg);
+ st->had_trailing_slash = strip_trailing_slashes (st->file_name);
+ }
}
--
cgit v1.1

14
bsc1202436.patch Normal file
View file

@ -0,0 +1,14 @@
diff --git a/src/extract.c b/src/extract.c
index 37ab2956..b70b6c2f 100644
--- a/src/extract.c
+++ b/src/extract.c
@@ -854,6 +854,9 @@ maybe_recoverable (char *file_name, bool regular, bool *interdir_made)
case EEXIST:
/* Remove an old file, if the options allow this. */
+ if (strlen(file_name) == 1 && *file_name == '.')
+ return RECOVER_NO;
+
switch (old_files_option)
{
case SKIP_OLD_FILES:

31
fix-CVE-2022-48303.patch Normal file
View file

@ -0,0 +1,31 @@
From 1d530107a24d71e798727d7f0afa0833473d1074 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matej=20Mu=C5=BEila?= <mmuzila@gmail.com>
Date: Wed, 11 Jan 2023 08:55:58 +0100
Subject: [PATCH] Fix savannah bug #62387
* src/list.c (from_header): Check for the end of field after leading byte
(0x80 or 0xff) of base-256 encoded header value
---
src/list.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/list.c b/src/list.c
index 9fafc425..bf41b581 100644
--- a/src/list.c
+++ b/src/list.c
@@ -895,6 +895,12 @@ from_header (char const *where0, size_t digs, char const *type,
<< (CHAR_BIT * sizeof (uintmax_t)
- LG_256 - (LG_256 - 2)));
value = (*where++ & ((1 << (LG_256 - 2)) - 1)) - signbit;
+ if (where == lim)
+ {
+ if (type && !silent)
+ ERROR ((0, 0, _("Archive base-256 value is invalid")));
+ return -1;
+ }
for (;;)
{
value = (value << LG_256) + (unsigned char) *where++;
--
2.38.1

60
fix-CVE-2023-39804.patch Normal file
View file

@ -0,0 +1,60 @@
From a339f05cd269013fa133d2f148d73f6f7d4247e4 Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Sat, 28 Aug 2021 16:02:12 +0300
Subject: Fix handling of extended header prefixes
* src/xheader.c (locate_handler): Recognize prefix keywords only
when followed by a dot.
(xattr_decoder): Use xmalloc/xstrdup instead of alloc
---
src/xheader.c | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/src/xheader.c b/src/xheader.c
index 4f8b2b2..3cd694d 100644
--- a/src/xheader.c
+++ b/src/xheader.c
@@ -637,11 +637,11 @@ static struct xhdr_tab const *
locate_handler (char const *keyword)
{
struct xhdr_tab const *p;
-
for (p = xhdr_tab; p->keyword; p++)
if (p->prefix)
{
- if (strncmp (p->keyword, keyword, strlen(p->keyword)) == 0)
+ size_t kwlen = strlen (p->keyword);
+ if (keyword[kwlen] == '.' && strncmp (p->keyword, keyword, kwlen) == 0)
return p;
}
else
@@ -1716,19 +1716,20 @@ xattr_decoder (struct tar_stat_info *st,
char const *keyword, char const *arg, size_t size)
{
char *xstr, *xkey;
-
+
/* copy keyword */
- size_t klen_raw = strlen (keyword);
- xkey = alloca (klen_raw + 1);
- memcpy (xkey, keyword, klen_raw + 1) /* including null-terminating */;
+ xkey = xstrdup (keyword);
/* copy value */
- xstr = alloca (size + 1);
+ xstr = xmalloc (size + 1);
memcpy (xstr, arg, size + 1); /* separator included, for GNU tar '\n' */;
xattr_decode_keyword (xkey);
- xheader_xattr_add (st, xkey + strlen("SCHILY.xattr."), xstr, size);
+ xheader_xattr_add (st, xkey + strlen ("SCHILY.xattr."), xstr, size);
+
+ free (xkey);
+ free (xstr);
}
static void
--
cgit v1.1

13
paxutils-rtapelib_mtget.patch Normal file
View file

@ -0,0 +1,13 @@
Index: cpio-2.11/lib/rtapelib.c
===================================================================
--- cpio-2.11.orig/lib/rtapelib.c 2013-07-23 13:18:27.119431054 +0200
+++ cpio-2.11/lib/rtapelib.c 2013-07-23 13:19:35.728188104 +0200
@@ -710,7 +710,7 @@ rmt_ioctl__ (int handle, int operation,
|| (status = get_status (handle), status == -1))
return -1;
- if (status > sizeof (struct mtop))
+ if (status > sizeof (struct mtget))
{
errno = EOVERFLOW;
return -1;

7
tar-1.34.tar.xz.sig Normal file
View file

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEABECAAYFAmAnuBMACgkQNgKwf1XQxzJIVgCfR5Z7coRkU2+aOW4KNhumGl/1
jn4AoI9OuQPpyzZN1CIwejDYxbV7u59P
=mfma
-----END PGP SIGNATURE-----

12
tar-PIE.patch Normal file
View file

@ -0,0 +1,12 @@
Index: tar-1.34/tests/Makefile.am
===================================================================
--- tar-1.34.orig/tests/Makefile.am
+++ tar-1.34/tests/Makefile.am
@@ -317,6 +317,7 @@ installcheck-local: $(check_PROGRAMS)
check_PROGRAMS = genfile checkseekhole ckmtime
genfile_SOURCES = genfile.c argcv.c argcv.h
+genfile_LDFLAGS = -pie
checkseekhole_SOURCES = checkseekhole.c
localedir = $(datadir)/locale

76
tar-avoid-overflow-in-symlinks-tests.patch Normal file
View file

@ -0,0 +1,76 @@
From d935dc7d1c150b3425dd43dc13a4dd2e2b712c26 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Mon, 13 Jun 2022 17:02:54 -0700
Subject: Avoid EOVERFLOW problems in some symlink tests
* src/extract.c (is_directory_link): New arg ST. Caller changed.
(is_directory_link, open_output_file):
Use readlinkat, not fstatat, to determine whether a string
names a symlink. This avoids EOVERFLOW issues.
(extract_dir): Avoid duplicate calls to fstatat when
keep_directory_symlink_option && fstatat_flags == 0
and the file is a symlink to an existing file.
---
src/extract.c | 28 ++++++++++++----------------
1 file changed, 12 insertions(+), 16 deletions(-)
diff --git a/src/extract.c b/src/extract.c
index fda4617..6d2543f 100644
--- a/src/extract.c
+++ b/src/extract.c
@@ -982,18 +982,12 @@ apply_nonancestor_delayed_set_stat (char const *file_name, bool after_links)
static bool
-is_directory_link (const char *file_name)
+is_directory_link (char const *file_name, struct stat *st)
{
- struct stat st;
- int e = errno;
- int res;
-
- res = (fstatat (chdir_fd, file_name, &st, AT_SYMLINK_NOFOLLOW) == 0 &&
- S_ISLNK (st.st_mode) &&
- fstatat (chdir_fd, file_name, &st, 0) == 0 &&
- S_ISDIR (st.st_mode));
- errno = e;
- return res;
+ char buf[1];
+ return (0 <= readlinkat (chdir_fd, file_name, buf, sizeof buf)
+ && fstatat (chdir_fd, file_name, st, 0) == 0
+ && S_ISDIR (st->st_mode));
}
/* Given struct stat of a directory (or directory member) whose ownership
@@ -1066,11 +1060,14 @@ extract_dir (char *file_name, int typeflag)
|| old_files_option == OVERWRITE_OLD_FILES))
{
struct stat st;
+ st.st_mode = 0;
- if (keep_directory_symlink_option && is_directory_link (file_name))
+ if (keep_directory_symlink_option
+ && is_directory_link (file_name, &st))
return 0;
- if (deref_stat (file_name, &st) == 0)
+ if ((st.st_mode != 0 && fstatat_flags == 0)
+ || deref_stat (file_name, &st) == 0)
{
current_mode = st.st_mode;
current_mode_mask = ALL_MODE_BITS;
@@ -1178,9 +1175,8 @@ open_output_file (char const *file_name, int typeflag, mode_t mode,
if (! HAVE_WORKING_O_NOFOLLOW
&& overwriting_old_files && ! dereference_option)
{
- struct stat st;
- if (fstatat (chdir_fd, file_name, &st, AT_SYMLINK_NOFOLLOW) == 0
- && S_ISLNK (st.st_mode))
+ char buf[1];
+ if (0 <= readlinkat (chdir_fd, file_name, buf, sizeof buf))
{
errno = ELOOP;
return -1;
--
cgit v1.1

25
tar-backup-spec-fix-paths.patch Normal file
View file

@ -0,0 +1,25 @@
Index: tar-1.29/scripts/backup-specs
===================================================================
--- tar-1.29.orig/scripts/backup-specs
+++ tar-1.29/scripts/backup-specs
@@ -6,17 +6,17 @@
ADMINISTRATOR="root@localhost"
# (Optional) Path to tar binary.
-TAR=/bin/tar
+TAR=/usr/bin/tar
# (Optional) Path to rsh binary or its equivalent. You may wish to
# set it to ssh as shown in the example below, to improve security.
# In this case you will have to use public key authentication.
-RSH=/usr/local/bin/ssh
+RSH=/usr/bin/ssh
# (Optional) Path to rsh binary on remote mashines. This will be
# passed via --rsh-command option to the remote invocation of
# tar
-RSH_COMMAND=/usr/local/bin/ssh
+RSH_COMMAND=/usr/bin/ssh
# Name of temporary file to hold volume numbers. This needs to be accessible
# by all the machines which have filesystems to be dumped.

187
tar-fix-extract-unlink.patch Normal file
View file

@ -0,0 +1,187 @@
From 17debecd7300e94f590b8ce167a8c0735cb6d57d Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Sat, 22 Oct 2022 12:06:45 +0300
Subject: Fix savannah bug #63123
The bug was introduced by commit 79d1ac38c1, which didn't take into
account all the consequences of returning RECOVER_OK on EEXIST, in
particular interactions with the delayed_set_stat logic.
The commit 79d1ac38c1 is reverted (the bug it was intended to fix
was actually fixed by 79a442d7b0). Instead:
* src/extract.c (maybe_recoverable): Don't call maybe_recoverable
if EEXIST is reported when UNLINK_FIRST_OLD_FILES option is set.
---
src/extract.c | 108 +++++++++++++++++++++++++++++++---------------------------
1 file changed, 58 insertions(+), 50 deletions(-)
diff --git a/src/extract.c b/src/extract.c
index 78de47f..37ab295 100644
--- a/src/extract.c
+++ b/src/extract.c
@@ -679,9 +679,10 @@ fixup_delayed_set_stat (char const *src, char const *dst)
/* After a file/link/directory creation has failed due to ENOENT,
create all required directories. Return zero if all the required
- directories were created, nonzero (issuing a diagnostic) otherwise. */
+ directories were created, nonzero (issuing a diagnostic) otherwise.
+ Set *INTERDIR_MADE if at least one directory was created. */
static int
-make_directories (char *file_name)
+make_directories (char *file_name, bool *interdir_made)
{
char *cursor0 = file_name + FILE_SYSTEM_PREFIX_LEN (file_name);
char *cursor; /* points into the file name */
@@ -725,6 +726,7 @@ make_directories (char *file_name)
desired_mode, AT_SYMLINK_NOFOLLOW);
print_for_mkdir (file_name, cursor - file_name, desired_mode);
+ *interdir_made = true;
parent_end = NULL;
}
else
@@ -879,12 +881,9 @@ maybe_recoverable (char *file_name, bool regular, bool *interdir_made)
FALLTHROUGH;
case ENOENT:
- /* Attempt creating missing intermediate directories. */
- if (make_directories (file_name) == 0)
- {
- *interdir_made = true;
- return RECOVER_OK;
- }
+ /* Attempt creating missing intermediate directories. */
+ if (make_directories (file_name, interdir_made) == 0)
+ return RECOVER_OK;
break;
default:
@@ -1072,61 +1071,69 @@ extract_dir (char *file_name, int typeflag)
break;
}
- if (errno == EEXIST
- && (interdir_made
+ if (errno == EEXIST)
+ {
+ if (interdir_made
|| keep_directory_symlink_option
|| old_files_option == NO_OVERWRITE_DIR_OLD_FILES
|| old_files_option == DEFAULT_OLD_FILES
- || old_files_option == OVERWRITE_OLD_FILES))
- {
- struct stat st;
- st.st_mode = 0;
-
- if (keep_directory_symlink_option
- && is_directory_link (file_name, &st))
- return 0;
-
- if ((st.st_mode != 0 && fstatat_flags == 0)
- || deref_stat (file_name, &st) == 0)
+ || old_files_option == OVERWRITE_OLD_FILES)
{
- current_mode = st.st_mode;
- current_mode_mask = ALL_MODE_BITS;
+ struct stat st;
+ st.st_mode = 0;
+
+ if (keep_directory_symlink_option
+ && is_directory_link (file_name, &st))
+ return 0;
- if (S_ISDIR (current_mode))
+ if ((st.st_mode != 0 && fstatat_flags == 0)
+ || deref_stat (file_name, &st) == 0)
{
- if (interdir_made)
- {
- repair_delayed_set_stat (file_name, &st);
- return 0;
- }
- else if (old_files_option == NO_OVERWRITE_DIR_OLD_FILES)
+ current_mode = st.st_mode;
+ current_mode_mask = ALL_MODE_BITS;
+
+ if (S_ISDIR (current_mode))
{
- /* Temporarily change the directory mode to a safe
- value, to be able to create files in it, should
- the need be.
- */
- mode = safe_dir_mode (&st);
- status = fd_chmod(-1, file_name, mode,
- AT_SYMLINK_NOFOLLOW, DIRTYPE);
- if (status == 0)
+ if (interdir_made)
{
- /* Store the actual directory mode, to be restored
- later.
- */
- current_stat_info.stat = st;
- current_mode = mode & ~ current_umask;
- current_mode_mask = MODE_RWX;
- atflag = AT_SYMLINK_NOFOLLOW;
- break;
+ repair_delayed_set_stat (file_name, &st);
+ return 0;
}
- else
+ else if (old_files_option == NO_OVERWRITE_DIR_OLD_FILES)
{
- chmod_error_details (file_name, mode);
+ /* Temporarily change the directory mode to a safe
+ value, to be able to create files in it, should
+ the need be.
+ */
+ mode = safe_dir_mode (&st);
+ status = fd_chmod (-1, file_name, mode,
+ AT_SYMLINK_NOFOLLOW, DIRTYPE);
+ if (status == 0)
+ {
+ /* Store the actual directory mode, to be restored
+ later.
+ */
+ current_stat_info.stat = st;
+ current_mode = mode & ~ current_umask;
+ current_mode_mask = MODE_RWX;
+ atflag = AT_SYMLINK_NOFOLLOW;
+ break;
+ }
+ else
+ {
+ chmod_error_details (file_name, mode);
+ }
}
+ break;
}
- break;
}
}
+ else if (old_files_option == UNLINK_FIRST_OLD_FILES)
+ {
+ status = 0;
+ break;
+ }
+
errno = EEXIST;
}
@@ -1978,11 +1985,12 @@ rename_directory (char *src, char *dst)
else
{
int e = errno;
+ bool interdir_made;
switch (e)
{
case ENOENT:
- if (make_directories (dst) == 0)
+ if (make_directories (dst, &interdir_made) == 0)
{
if (renameat (chdir_fd, src, chdir_fd, dst) == 0)
return true;
--
cgit v1.1

117
tar-fix-race-condition.patch Normal file
View file

@ -0,0 +1,117 @@
From 79a442d7b0e92622794bfa41dee18a28e450a0dc Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Thu, 9 Jun 2022 22:09:34 -0700
Subject: tar: fix race condition
Problem reported by James Abbatiello in:
https://lists.gnu.org/r/bug-tar/2022-03/msg00000.html
* src/extract.c (make_directories): Do not assume that when
mkdirat fails with errno == EEXIST that there is an existing file
that can be statted. It could be a dangling symlink. Instead,
wait until the end and stat it.
---
src/extract.c | 61 ++++++++++++++++++++++++++++++++++++++---------------------
2 files changed, 43 insertions(+), 23 deletions(-)
diff --git a/src/extract.c b/src/extract.c
index e7be463..0753dec 100644
--- a/src/extract.c
+++ b/src/extract.c
@@ -636,8 +636,7 @@ fixup_delayed_set_stat (char const *src, char const *dst)
}
}
-/* After a file/link/directory creation has failed, see if
- it's because some required directory was not present, and if so,
+/* After a file/link/directory creation has failed due to ENOENT,
create all required directories. Return zero if all the required
directories were created, nonzero (issuing a diagnostic) otherwise.
Set *INTERDIR_MADE if at least one directory was created. */
@@ -646,6 +645,8 @@ make_directories (char *file_name, bool *interdir_made)
{
char *cursor0 = file_name + FILE_SYSTEM_PREFIX_LEN (file_name);
char *cursor; /* points into the file name */
+ char *parent_end = NULL;
+ int parent_errno;
for (cursor = cursor0; *cursor; cursor++)
{
@@ -685,31 +686,47 @@ make_directories (char *file_name, bool *interdir_made)
print_for_mkdir (file_name, cursor - file_name, desired_mode);
*interdir_made = true;
+ parent_end = NULL;
}
- else if (errno == EEXIST)
- status = 0;
else
- {
- /* Check whether the desired file exists. Even when the
- file exists, mkdir can fail with some errno value E other
- than EEXIST, so long as E describes an error condition
- that also applies. */
- int e = errno;
- struct stat st;
- status = fstatat (chdir_fd, file_name, &st, 0);
- if (status)
- {
- errno = e;
- mkdir_error (file_name);
- }
- }
+ switch (errno)
+ {
+ case ELOOP: case ENAMETOOLONG: case ENOENT: case ENOTDIR:
+ /* FILE_NAME doesn't exist and couldn't be created; fail now. */
+ mkdir_error (file_name);
+ *cursor = '/';
+ return status;
+
+ default:
+ /* FILE_NAME may be an existing directory so do not fail now.
+ Instead, arrange to check at loop exit, assuming this is
+ the last loop iteration. */
+ parent_end = cursor;
+ parent_errno = errno;
+ break;
+ }
*cursor = '/';
- if (status)
- return status;
}
- return 0;
+ if (!parent_end)
+ return 0;
+
+ /* Although we did not create the parent directory, some other
+ process may have created it, so check whether it exists now. */
+ *parent_end = '\0';
+ struct stat st;
+ int stat_status = fstatat (chdir_fd, file_name, &st, 0);
+ if (!stat_status && !S_ISDIR (st.st_mode))
+ stat_status = -1;
+ if (stat_status)
+ {
+ errno = parent_errno;
+ mkdir_error (file_name);
+ }
+ *parent_end = '/';
+
+ return stat_status;
}
/* Return true if FILE_NAME (with status *STP, if STP) is not a
@@ -824,7 +841,7 @@ maybe_recoverable (char *file_name, bool regular, bool *interdir_made)
case ENOENT:
/* Attempt creating missing intermediate directories. */
- if (make_directories (file_name, interdir_made) == 0 && *interdir_made)
+ if (make_directories (file_name, interdir_made) == 0)
return RECOVER_OK;
break;
--
cgit v1.1

29
tar-ignore_lone_zero_blocks.patch Normal file
View file

@ -0,0 +1,29 @@
Index: tar-1.26/src/list.c
===================================================================
--- tar-1.26.orig/src/list.c 2011-02-16 23:12:16.000000000 +0100
+++ tar-1.26/src/list.c 2014-06-11 11:48:38.129824435 +0200
@@ -212,6 +212,14 @@ read_and (void (*do_something) (void))
if (!ignore_zeros_option)
{
+ /*
+ * According to POSIX tar specs, this is wrong, but on the web
+ * there are some tar specs that can trigger this, and some tar
+ * implementations create tars according to that spec. For now,
+ * let's not be pedantic about issuing the warning.
+ */
+#if 0
+
char buf[UINTMAX_STRSIZE_BOUND];
status = read_header (&current_header, &current_stat_info,
@@ -221,6 +229,9 @@ read_and (void (*do_something) (void))
WARNOPT (WARN_ALONE_ZERO_BLOCK,
(0, 0, _("A lone zero block at %s"),
STRINGIFY_BIGINT (current_block_ordinal (), buf)));
+#endif
+ status = read_header (&current_header, &current_stat_info,
+ read_header_auto);
break;
}
status = prev_status;

297
tar-recursive--files-from.patch Normal file
View file

@ -0,0 +1,297 @@
From http://lists.gnu.org/archive/html/bug-tar/2014-09/msg00009.html
* src/common.h (name_add_file): Change signature.
* src/names.c (name_elt_alloc_matflags): New function.
(name_add_name): Use name_elt_alloc_matflags.
(name_add_file): Take matching flags as third argument.
(read_next_name): Remove trailing slashes.
* src/tar.c (parse_opt): Pass matching_flags to name_add_file.
* tests/T-dir00.at: New file.
* tests/T-dir01.at: New file.
* tests/Makefile.am: Add new testcases.
* tests/testsuite.at: Likewise.
---
src/common.h | 2 +-
src/names.c | 56 ++++++++++++++++++++++++++++++++++--------------------
src/tar.c | 2 +-
tests/Makefile.am | 2 ++
tests/T-dir00.at | 45 +++++++++++++++++++++++++++++++++++++++++++
tests/T-dir01.at | 45 +++++++++++++++++++++++++++++++++++++++++++
tests/testsuite.at | 2 ++
7 files changed, 131 insertions(+), 23 deletions(-)
create mode 100644 tests/T-dir00.at
create mode 100644 tests/T-dir01.at
Index: tar-1.28/src/common.h
===================================================================
--- tar-1.28.orig/src/common.h 2015-02-09 15:05:47.642772569 +0100
+++ tar-1.28/src/common.h 2015-02-09 15:05:50.076794925 +0100
@@ -725,7 +725,7 @@ int uname_to_uid (char const *uname, uid
void name_init (void);
void name_add_name (const char *name, int matching_flags);
void name_add_dir (const char *name);
-void name_add_file (const char *name, int term);
+void name_add_file (const char *name, int term, int matching_flags);
void name_term (void);
const char *name_next (int change_dirs);
void name_gather (void);
Index: tar-1.28/src/names.c
===================================================================
--- tar-1.28.orig/src/names.c 2015-02-09 15:05:47.642772569 +0100
+++ tar-1.28/src/names.c 2015-02-09 15:05:50.076794925 +0100
@@ -258,6 +258,21 @@ name_elt_alloc (void)
return elt;
}
+static struct name_elt *
+name_elt_alloc_matflags (int matflags)
+{
+ static int prev_flags = 0; /* FIXME: Or EXCLUDE_ANCHORED? */
+ struct name_elt *ep = name_elt_alloc ();
+ if (prev_flags != matflags)
+ {
+ ep->type = NELT_FMASK;
+ ep->v.matching_flags = matflags;
+ prev_flags = matflags;
+ ep = name_elt_alloc ();
+ }
+ return ep;
+}
+
static void
name_list_adjust (void)
{
@@ -276,20 +291,13 @@ name_list_advance (void)
free (elt);
}
-/* Add to name_array the file NAME with fnmatch options MATCHING_FLAGS */
+
+/* Add to name_array the file NAME with fnmatch options MATFLAGS */
void
-name_add_name (const char *name, int matching_flags)
+name_add_name (const char *name, int matflags)
{
- static int prev_flags = 0; /* FIXME: Or EXCLUDE_ANCHORED? */
- struct name_elt *ep = name_elt_alloc ();
+ struct name_elt *ep = name_elt_alloc_matflags (matflags);
- if (prev_flags != matching_flags)
- {
- ep->type = NELT_FMASK;
- ep->v.matching_flags = matching_flags;
- prev_flags = matching_flags;
- ep = name_elt_alloc ();
- }
ep->type = NELT_NAME;
ep->v.name = name;
name_count++;
@@ -305,9 +313,10 @@ name_add_dir (const char *name)
}
void
-name_add_file (const char *name, int term)
+name_add_file (const char *name, int term, int matflags)
{
- struct name_elt *ep = name_elt_alloc ();
+ struct name_elt *ep = name_elt_alloc_matflags (matflags);
+
ep->type = NELT_FILE;
ep->v.file.name = name;
ep->v.file.term = term;
@@ -389,6 +398,15 @@ add_file_id (const char *filename)
file_id_list = p;
return 0;
}
+
+/* Chop trailing slashes. */
+static void
+chopslash (char *str)
+{
+ char *p = str + strlen (str) - 1;
+ while (p > str && ISSLASH (*p))
+ *p-- = '\0';
+}
enum read_file_list_state /* Result of reading file name from the list file */
{
@@ -428,7 +446,7 @@ read_name_from_file (struct name_elt *en
if (counter == name_buffer_length)
name_buffer = x2realloc (name_buffer, &name_buffer_length);
name_buffer[counter] = 0;
-
+ chopslash (name_buffer);
return (counter == 0 && c == EOF) ? file_list_end : file_list_success;
}
@@ -518,7 +536,6 @@ copy_name (struct name_elt *ep)
{
const char *source;
size_t source_len;
- char *cursor;
source = ep->v.name;
source_len = strlen (source);
@@ -536,11 +553,7 @@ copy_name (struct name_elt *ep)
name_buffer = xmalloc(name_buffer_length + 2);
}
strcpy (name_buffer, source);
-
- /* Zap trailing slashes. */
- cursor = name_buffer + strlen (name_buffer) - 1;
- while (cursor > name_buffer && ISSLASH (*cursor))
- *cursor-- = '\0';
+ chopslash (name_buffer);
}
@@ -553,7 +566,8 @@ static int matching_flags; /* exclude_fn
the request to change to the given directory.
Entries of type NELT_FMASK cause updates of the matching_flags
- value. */
+ value.
+*/
static struct name_elt *
name_next_elt (int change_dirs)
{
Index: tar-1.28/src/tar.c
===================================================================
--- tar-1.28.orig/src/tar.c 2015-02-09 15:05:47.642772569 +0100
+++ tar-1.28/src/tar.c 2015-02-09 15:05:50.077794935 +0100
@@ -1641,7 +1641,7 @@ parse_opt (int key, char *arg, struct ar
break;
case 'T':
- name_add_file (arg, filename_terminator);
+ name_add_file (arg, filename_terminator, MAKE_INCL_OPTIONS (args));
/* Indicate we've been given -T option. This is for backward
compatibility only, so that `tar cfT archive /dev/null will
succeed */
Index: tar-1.28/tests/Makefile.am
===================================================================
--- tar-1.28.orig/tests/Makefile.am 2015-02-09 15:05:47.642772569 +0100
+++ tar-1.28/tests/Makefile.am 2015-02-09 15:05:50.077794935 +0100
@@ -43,6 +43,8 @@ $(srcdir)/package.m4: $(top_srcdir)/conf
TESTSUITE_AT = \
T-cd.at\
+ T-dir00.at\
+ T-dir01.at\
T-empty.at\
T-null.at\
T-rec.at\
Index: tar-1.28/tests/T-dir00.at
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ tar-1.28/tests/T-dir00.at 2015-02-09 15:05:50.077794935 +0100
@@ -0,0 +1,45 @@
+# Process this file with autom4te to create testsuite. -*- Autotest -*-
+#
+# Test suite for GNU tar.
+# Copyright 2014 Free Software Foundation, Inc.
+
+# This file is part of GNU tar.
+
+# GNU tar is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+
+# GNU tar is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+# Tar 1.27 and 1.28 did not extract files under directory memberes listed
+# in the file read by --file-from.
+#
+# Reported-by: Jean-Louis Martineau <address@hidden>
+# References: <address@hidden>,
+# http://lists.gnu.org/archive/html/bug-tar/2014-09/msg00006.html
+
+AT_SETUP([recursive extraction from --files-from])
+AT_KEYWORDS([files-from extract T-dir T-dir00])
+AT_TAR_CHECK([
+mkdir dir
+genfile -f dir/file1
+genfile -f dir/file2
+tar cf archive dir
+rm -rf dir
+echo dir > list
+tar xfTv archive list | sort
+],
+[0],
+[dir/
+dir/file1
+dir/file2
+])
+AT_CLEANUP
+
Index: tar-1.28/tests/T-dir01.at
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ tar-1.28/tests/T-dir01.at 2015-02-09 15:45:52.309679130 +0100
@@ -0,0 +1,45 @@
+# Process this file with autom4te to create testsuite. -*- Autotest -*-
+#
+# Test suite for GNU tar.
+# Copyright 2014 Free Software Foundation, Inc.
+
+# This file is part of GNU tar.
+
+# GNU tar is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+
+# GNU tar is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+# Tar 1.27 and 1.28 did not remove trailing slashes from file names
+# obtained with the --file-from option.
+#
+# Reported-by: Jean-Louis Martineau <address@hidden>
+# References: <address@hidden>,
+# http://lists.gnu.org/archive/html/bug-tar/2014-09/msg00006.html
+
+AT_SETUP([trailing slash in --files-from])
+AT_KEYWORDS([files-from extract T-dir T-dir01])
+AT_TAR_CHECK([
+mkdir dir
+genfile -f dir/file1
+genfile -f dir/file2
+tar cf archive dir
+rm -rf dir
+echo dir/ > list
+tar xfTv archive list | sort
+],
+[0],
+[dir/
+dir/file1
+dir/file2
+])
+AT_CLEANUP
+
Index: tar-1.28/tests/testsuite.at
===================================================================
--- tar-1.28.orig/tests/testsuite.at 2015-02-09 15:05:47.642772569 +0100
+++ tar-1.28/tests/testsuite.at 2015-02-09 15:05:50.116795293 +0100
@@ -205,6 +205,8 @@ m4_include([T-empty.at])
m4_include([T-null.at])
m4_include([T-zfile.at])
m4_include([T-nonl.at])
+m4_include([T-dir00.at])
+m4_include([T-dir01.at])
AT_BANNER([Various options])
m4_include([indexfile.at])

15
tar-wildcards.patch Normal file
View file

@ -0,0 +1,15 @@
Index: tar-1.25/src/names.c
===================================================================
--- tar-1.25.orig/src/names.c
+++ tar-1.25/src/names.c
@@ -970,10 +970,6 @@ collect_and_sort_names (void)
if (name->found_count || name->directory)
continue;
- if (name->matching_flags & EXCLUDE_WILDCARDS)
- /* NOTE: EXCLUDE_ANCHORED is not relevant here */
- /* FIXME: just skip regexps for now */
- continue;
chdir_do (name->change_dir);
if (name->name[0] == 0)

635
tar.changes Normal file
View file

@ -0,0 +1,635 @@
* Wed Dec 13 2023 danilo.spinella@suse.com
- Fix CVE-2023-39804, Incorrectly handled extension attributes in
PAX archives can lead to a crash, bsc#1217969
* fix-CVE-2023-39804.patch
* Tue Feb 14 2023 danilo.spinella@suse.com
- Fix CVE-2022-48303, tar has a one-byte out-of-bounds read that
results in use of uninitialized memory for a conditional jump
(CVE-2022-48303, bsc#1207753)
* fix-CVE-2022-48303.patch
- Fix hang when unpacking test tarball, bsc#1202436
* remove bsc1202436.patch
* bsc1202436-1.patch
* bsc1202436-1.patch
* Thu Dec 22 2022 danilo.spinella@suse.com
- Fix hang when unpacking test tarball, bsc#1202436
* bsc1202436.patch
* Mon Oct 31 2022 danilo.spinella@suse.com
- Fix unexpected inconsistency when making directory, bsc#1203600
* tar-avoid-overflow-in-symlinks-tests.patch
* tar-fix-extract-unlink.patch
- Update race condition fix, bsc#1200657
* tar-fix-race-condition.patch
- Refresh bsc1200657.patch
* Wed Aug 17 2022 sflees@suse.de
- bsc1200657.patch was previously incomplete leading to deadlocks
* bsc#1202436
* bsc1200657.patch updated
* Mon Jun 20 2022 danilo.spinella@suse.com
- Fix race condition while creating intermediate subdirectories,
bsc#1200657
* bsc1200657.patch
* Thu Oct 14 2021 mail@bernhard-voelker.de
- tests-skip-time01-on-32bit-time_t.patch: Add patch to skip test
'tests/time01.at' on platforms with 32-bit time_t for now.
- tar.spec: Reference it.
(%%check): Output the testsuite.log in case the testsuite failed.
* Fri Oct 8 2021 danilo.spinella@suse.com
- The following issues have already been fixed in this package but
weren't previously mentioned in the changes file:
* bsc#1181131, CVE-2021-20193
* bsc#1120610
* Wed Jun 9 2021 wolfgang.frisch@suse.com
- Link /var/lib/tests/tar/bin/genfile as Position-Independent Executable
(bsc#1184124).
+ tar-PIE.patch
* Sun Feb 14 2021 andreas.stieger@gmx.de
- GNU tar 1.34:
* Fix extraction over pipe
* Fix memory leak in read_header
* Fix extraction when . and .. are unreadable
* Gracefully handle duplicate symlinks when extracting
* Re-initialize supplementary groups when switching to user
privileges
* Sat Jan 9 2021 andreas.stieger@gmx.de
- GNU tar 1.33:
* POSIX extended format headers do not include PID by default
* --delay-directory-restore works for archives with reversed
member ordering
* Fix extraction of a symbolic link hardlinked to another
symbolic link
* Wildcards in exclude-vcs-ignore mode don't match slash
* Fix the --no-overwrite-dir option
* Fix handling of chained renames in incremental backups
* Link counting works for file names supplied with -T
* Accept only position-sensitive (file-selection) options in file
list files
- remove deprecated texinfo packaging macros
* Mon Oct 19 2020 lnussel@suse.de
- prepare usrmerge (boo#1029961)
* Fri Apr 3 2020 dimstar@opensuse.org
- Drop Requires(pre) info in the preamble: the main package does
not contain any info files, and has not even a pre script. The
- doc subpackage already has the correct deps.
* Fri Jan 31 2020 bjorn.lie@gmail.com
- No longer recommend -lang: supplements are in use.
* Mon Mar 25 2019 kstreitova@suse.com
- update to version 1.32
* Fix the use of --checkpoint without explicit --checkpoint-action
* Fix extraction with the -U option
* Fix iconv usage on BSD-based systems
* Fix possible NULL dereference (savannah bug #55369)
[bsc#1130496] [CVE-2019-9923]
* Improve the testsuite
- remove tar-1.31-tests_dirrem.patch and
tar-1.31-racy_compress_tests.patch that are no longer needed
(applied usptream)
* Fri Mar 15 2019 crrodriguez@opensuse.org
- Remove libattr-devel from buildrequires, tar no longer uses
it but finds xattr functions in libc.
* Thu Feb 14 2019 kstreitova@suse.com
- update to version 1.31
* Fix heap-buffer-overrun with --one-top-level, bug introduced
with the addition of that option in 1.28
* Support for zstd compression
* New option '--zstd' instructs tar to use zstd as compression
program. When listing, extractng and comparing, zstd compressed
archives are recognized automatically. When '-a' option is in
effect, zstd compression is selected if the destination archive
name ends in '.zst' or '.tzst'.
* The -K option interacts properly with member names given in the
command line. Names of members to extract can be specified along
with the "-K NAME" option. In this case, tar will extract NAME
and those of named members that appear in the archive after it,
which is consistent with the semantics of the option. Previous
versions of tar extracted NAME, those of named members that
appeared before it, and everything after it.
* Fix CVE-2018-20482 - When creating archives with the --sparse
option, previous versions of tar would loop endlessly if a
sparse file had been truncated while being archived.
- remove the following patches (upstreamed)
* tar-1.30-tests-difflink.patch
* tar-1.30-tests_dirrem_race.patch
- refresh add_readme-tests.patch
- add tar-1.31-tests_dirrem.patch to fix expected output in dirrem
tests
- add tar-1.31-racy_compress_tests.patch to fix compression tests
* Fri May 11 2018 kstreitova@suse.com
- add tar-1.30-tests_dirrem_race.patch to fix race in dirrem01 and
dirrem02 tests that were passing/failing randomly because of that
- run spec-cleaner
- renumber patches
* Tue Apr 3 2018 kukuk@suse.de
- Use %%license instead of %%doc [bsc#1082318]
* Thu Jan 4 2018 kstreitova@suse.com
- add tar-1.30-tests-difflink.patch to fix difflink.at test
(https://www.mail-archive.com/bug-tar@gnu.org/msg05440.html)
* Mon Dec 18 2017 avindra@opensuse.org
- GNU tar 1.30:
* Member names containing '..' components are now skipped when
extracting.
* Report erroneous use of position-sensitive options.
* --numeric-owner now affects private headers too.
* Fixed the --delay-directory-restore option
* The --warnings=failed-read option
* The --warnings=none option now suppresses all warnings
* Fix reporting of hardlink mismatches during compare
- cleanup with spec-cleaner
- switch all urls to https
- drop upstreamed patches
* add-return-values-to-backup-scripts.patch
* tar-1.29-extract_pathname_bypass.patch
- rebase add_readme-tests.patch
* Thu Apr 20 2017 kstreitova@suse.com
- remove tar-1.26-remove_O_NONBLOCK.patch as this issue was fixed
in tar 1.27 (commit 03858cf583ce299b836d8a848967ce290a6bf303)
* Mon Apr 3 2017 svalx@svalx.net
- Use update-alternatives according to current documentation
* Mon Mar 27 2017 svalx@svalx.net
- Disable tar-1.26-remove_O_NONBLOCK.patch - this issue has been
fixed in tar-1.27
- backup-scripts subpackage change to noarch
- Change rpm group of tar-tests to Development/Tools/Other
- Enable rmt building, change package description
- Switch rmt to alternatives system
- Separate rmt subpackage - it can be used by different archiving
tools as a dedicated program
- Change rmt path to /usr/bin folder - it can be used by non privileged
users for backup purposes. Security is controlled by access rights to
the targets and remote shell.
- Separate doc subpackage
- Remove conditions for old SUSE builds and lang subpackage
- Rename restore script to restore.sh for avoiding file conflicts
with dump/restore
* Thu Mar 23 2017 kstreitova@suse.com
- move binaries from /bin to /usr/bin [bsc#1029977]
* refresh tar-backup-spec-fix-paths.patch to change path of the
tar binary from TAR=/bin/tar to TAR=/usr/bin/tar
- use spec-cleaner
* Thu Dec 15 2016 vcizek@suse.com
- update tar-1.29-extract_pathname_bypass.patch to the upstream
one that fixes POINTYFEATHER issue but it doesn't limit append or
create operations as the initial patch did [bsc#1012633]
[CVE-2016-6321]
* Tue Nov 8 2016 kstreitova@suse.com
- add tar-1.29-extract_pathname_bypass.patch to fix POINTYFEATHER
vulnerability - GNU tar archiver can be tricked into extracting
files and directories in the given destination, regardless of the
path name(s) specified on the command line [bsc#1007188]
[CVE-2016-6321]
* Sat May 28 2016 astieger@suse.com
- GNU tar 1.29:
* New options: --verbatim-files-from, --no-verbatim-files-from
* --null option reads file names verbatim
* New options: --owner-map=FILE and --group-map=FILE
* New option --clamp-mtime
* Deprecated --preserve option removed
* Sparse file detection - now uses SEEK_DATA/SEEK_HOLE on
systems that support it. This allows for considerable speed-up
in sparse-file detection. New option --hole-detection for
algorithm selection.
* Wed Mar 23 2016 svalx@svalx.net
- Add add-return-values-to-backup-scripts.patch
* Mon Apr 13 2015 vcizek@suse.com
- Revert tar-recursive--files-from.patch because it causes regression
(bnc#918487, bnc#919233)
* Mon Feb 9 2015 vcizek@suse.com
- extract files recursively with --files-from (bnc#913058)
* added tar-recursive--files-from.patch
- call autoreconf in %%prep
* Sun Dec 21 2014 meissner@suse.com
- build with PIE
* Thu Nov 20 2014 andreas.stieger@gmx.de
- compile in ACLs, Xattr and selinux support [boo#906413]
* Fri Aug 29 2014 jengelh@inai.de
- Improve on RPM group classification
* Sat Aug 2 2014 andreas.stieger@gmx.de
- GNU tar 1.28:
* New --checkpoint-action=totals
* Extended checkpoint format specification
* New option --one-top-level
* New option --sort
* New exclusion options:
- -exclude-ignore=FILE
- -exclude-ignore-recursive=FILE
- -exclude-vcs-ignores
* refuses to read input from and write output to a tty
- packaging changes:
* adjust patch for context change: add_readme-tests.patch
* remove patch applied upstream:
tar-fix_eternal_loop_in_handle_option.patch
* Mon Jul 28 2014 vcizek@suse.com
- don't print lone zero blocks warning (bnc#881863)
* there are many tar implementations around that create invalid
archives with a zero block in the middle
* https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=235820
* added tar-ignore_lone_zero_blocks.patch from Fedora
* Wed Mar 26 2014 vcizek@suse.com
- fix an infinite loop in handle_option (bnc#867919 and bnc#870422)
* added tar-fix_eternal_loop_in_handle_option.patch
* Tue Jan 7 2014 llipavsky@suse.com
- add tests subpackage.
* It is the same testsuite that is run during make check.
* It is now possible to run it in real system to verify that
nothing is broken by incompatible libraries, etc.
- add add_readme-tests.patch: README for testsuite
* Tue Nov 19 2013 andreas.stieger@gmx.de
- update to 1.27.1
* Fix unquoting of file names obtained via the -T option.
* Fix GNU long link header timestamp (backward compatibility).
* Fix extracting sparse members from star archives.
* Thu Oct 24 2013 andreas.stieger@gmx.de
- update to 1.27
- bug fixes:
* PAX-format sparse archive files no longer restricted to 8 GiB.
* adjust diagnostics and output to GNU coding
- new features:
* The --owner and --group options now accept numeric IDs
* restore traditional functionality of --keep-old-files and
- -skip-old-files, treat existing file as errors for the former
* --warning=existing-file gives verbose notice for this
* Support for POSIX ACLs, extended attributes and SELinux context
- -xattrs, --acls and --selinux and their `--no-' counterparts
- -xattrs-include and --xattrs-exclude allows selective control
* Any option taking a command name as its argument now accepts a
full command line as well:
- -checkpoint-action=exec
- I, --use-compress-program
- F, --info-script
- -to-command
* environment variables supplied to such commands can now be used
in the command line itself
* New warning control option --warning=[no-]record-size controls
display of actual record size, if it differs from the default
* New command line option --keep-directory-symlink to disable
default behaviour that unlinks exising symbolic link for an
extracted directory of the corresponding name
- packaging changes:
* drop tar-1.26-stdio.in.patch, committed upstream
* drop config-guess-sub-update.patch, newer version in upstream
* verify source signature
* Thu Aug 22 2013 vcizek@suse.com
- added fix for paxutils rtapelib which is bundled with tar.
the very same fix was added to cpio too (bnc#658031)
* paxutils-rtapelib_mtget.patch
* Fri Apr 5 2013 idonmez@suse.com
- Add Source URL, see https://en.opensuse.org/SourceUrls
* Sat Feb 2 2013 schwab@suse.de
- Add config-guess-sub-update.patch:
Update config.guess/sub for aarch64
* Tue Jul 17 2012 aj@suse.de
- Fix build failure with undefined gets (glibc 2.16).
* Wed May 30 2012 sweet_f_a@gmx.de
- avoid automake dependency
* Fri Apr 20 2012 crrodriguez@opensuse.org
- disable 'runtime checks' in m4/*.m4 that override
system calls with custom implementations to workaround
very old kernel/libc bugs (dating 2003-2009)
we do not ship those buggy components nowdays.
* Fri Apr 20 2012 crrodriguez@opensuse.org
- Switch to default archive type to POSIX.1-2001, which is ten years
old and has no limits on filesize,filename length etc.
* Mon Dec 19 2011 tcech@suse.cz
- tar-1.26-remove_O_NONBLOCK.patch:
don't use O_NONBLOCK as a flag for read,
when file is offline, read with O_NONBLOCK returns EAGAIN,
but tar doesn't handle it
(bnc#737331)
* Sun Oct 30 2011 dmueller@suse.de
- disable testsuite on qemu build
* Wed Oct 5 2011 sweet_f_a@gmx.de
- minor portability fixes
* Thu Sep 29 2011 sweet_f_a@gmx.de
- spec cleaner, avoid some deprecated macros
- fix non-utf8-spec-file
- fix macro-in-comment
- enable make check
- remove upstream-fixed/obsolete patches (fortifysourcessigabrt,
disable-listed02-test, disable_languages)
- call help2man inside specfile instead of paching tar's build chain
* Tue Mar 15 2011 puzel@novell.com
- update to tar-1.26
* Fix the --verify option, which broke in version 1.24.
* Fix storing long sparse file names in PAX archives.
* Fix correctness of --atime-preserve=replace
* tar --atime-preserve=replace no longer tries to restore atime of
zero-sized files.
* Fix bug with --one-file-system --listed-incremental
* Wed Nov 24 2010 puzel@novell.com
- fix tar-backup-scripts (bnc#654199)
- add tar-backup-spec-fix-paths.patch
- cleanup spec
* Tue Nov 9 2010 puzel@novell.com
- update to tar-1.25
* Fix extraction of empty directories with the -C option in effect.
* Fix extraction of device nodes.
* Make sure name matching occurs before eventual name transformation.
* Fix the behavior of tar -x --overwrite on hosts lacking O_NOFOLLOW.
* Support alternative decompression programs.
- update to tar-1.24
* The new --full-time option instructs tar to output file
time stamps to the full resolution.
* More reliable directory traversal when creating archives
* When extracting symbolic links, tar now restores attributes
such as last-modified time and link permissions, if the
operating system supports this.
* The --dereference (-h) option now applies to files that are
copied into or out of archives, independently of other options.
* When receiving SIGPIPE, tar would exit with error status and
"write error" diagnostics.
- disable-silent-rules
- updated tar-fortifysourcessigabrt.patch
* Mon Jun 28 2010 jengelh@medozas.de
- use %%_smp_mflags
* Fri Mar 12 2010 mseben@novell.com
- updated to version 1.23
* Improved record size autodetection
* Use of lseek on seekable archives
* New command line option --warning
* New command line option --level
* Improved behavior if some files were removed during incremental dumps
* Modification times of PAX extended headers
* Time references in the --pax-option argument
* Augmented environment of the --to-command script
* Fix handling of hard link targets by -c --transform
* Fix hard links recognition with -c --remove-files
* Fix restoring files from backup (debian bug #508199)
* Correctly restore modes and permissions on existing directories
* The --remove-files option removes files only if they were succesfully stored in the archive
* Fix storing and listing of the volume labels in POSIX format
* Improve algorithm for splitting long file names (ustar format)
* Fix possible memory overflow in the rmt client code (CVE-2010-0624)
- deprecated heap_overflow_in_rtapelib.patch
* Wed Mar 3 2010 mseben@novell.com
- added heap_overflow_in_rtapelib.patch fix possible heap overflow in
rtapelib.c (bnc#579475)
* Tue Feb 2 2010 mseben@novell.com
- updated to version 1.22
* Support for xz compression (--xz option)
* Short option -J is reassigned as a shortcut for --xz
* The option -I is a shortcut for --use-compress-program
* The --no-recursive option works with --incremental
- deprecated recognize_xz.patch
- created tar-backup-scripts subpackage (bnc#574688)
* Sun Dec 6 2009 jengelh@medozas.de
- enable parallel building
* Fri Dec 4 2009 meissner@suse.de
- fixed FORTIFY_SOURCE=2 issue with gcc 4.5.
* Sun Aug 30 2009 aj@suse.de
- recommend not require language subpackage
* Tue Mar 3 2009 pth@suse.de
- Recognize .xz as lzma archive.
* Wed Feb 11 2009 coolo@suse.de
- update to version 1.21
* New short option -J - A shortcut for --lzma.
* New option --lzop
* Compressed format recognition
* Using --exclude-vcs handles also files used internally by
Bazaar, Mercurial and Darcs.
- split out language subpackage
- recommend xz instead of the old name of lzma
* Wed Nov 19 2008 mkoenig@suse.de
- fix incremental backup with wildcard option [bnc#445411]
* Mon Jun 23 2008 mkoenig@suse.de
- update to version 1.20:
* new options: --auto-compress, --lzma, --hard-dereference,
- -checkpoint-action, --(no-)check-device, --transform
* Add recommends tag for lzma
- removed patches:
tar-gcc43.patch
tar-1.19-update_flag.patch
* Fri Mar 28 2008 mkoenig@suse.de
- apply upstream patch to avoid error message when updating
an archive that does not exist [bnc#347525]
* Wed Nov 14 2007 mkoenig@suse.de
- update to version 1.19
* New option --exclude-vcs
* --exclude-tag and --exclude-cache options now work under
incremental archives
* Fix handling of renamed files in listed incremental archives
* Fix --version output
* Recognition of broken archives
- merged patches:
tar-1.15.1-CVE-2001-1267.patch
tar-1.17-paxlib-owl-alloca.patch
* Fri Oct 5 2007 mkoenig@suse.de
- update to version 1.18
Licensed under the GPLv3
- merged patches:
tar-1.17-testsuite12.patch
* Mon Oct 1 2007 mkoenig@suse.de
- fix build with gcc-4.3
* Fri Aug 31 2007 mkoenig@suse.de
- fixed another directory traversal vulnerability, CVE-2001-1267,
CVE-2002-0399, [#29973]
* Mon Aug 20 2007 mkoenig@suse.de
- use correct patch for paxlib stack overflow [#301416]
* Fri Aug 17 2007 lmichnovic@suse.cz
- upstream fix: use of alloca can cause stack overflow
(paxlib-owl-alloca.patch)
* Thu Jun 21 2007 mkoenig@suse.de
- update to version 1.17:
* Fix archivation of sparse files in posix mode
* Fix operation of --verify --listed-incremental
* Fix --occurence
* Scope of --transform and --strip-components options
* End-of-volume script can send the new volume name to tar
- remove patch (fixed upstream)
tar-1.6.1-futimens.patch
- fix test 12
tar-1.17-testsuite12.patch
* Tue May 22 2007 mkoenig@suse.de
- fix build
* Tue May 15 2007 coolo@suse.de
- use %%find_lang
* Wed Jan 24 2007 mkoenig@suse.de
- update to version 1.16.1:
* tar-1.16-CVE-2006-6097.patch merged upstream
* tar-1.16-xheader_unused.patch merged upstream
* New option --exclude-tag
* The --exclude-cache option excludes directories that
contain the CACHEDIR.TAG file from being archived
* Race conditions have been fixed that in some cases briefly
allowed files extracted by 'tar -x --same-owner' to be
accessed by users that they shouldn't have been.
* Tue Dec 5 2006 mkoenig@suse.de
- update to version 1.16:
Bugfixes:
* Avoid running off file descriptors when using multiple -C options.
* tar --index-file=FILE --file=- sent the archive to FILE, and
the listing to stderr.
* Detect attempts to update compressed archives.
* Allow non-option arguments to be interspersed with options.
* Previous version created invalid archives when files shrink
during reading.
* Compare mode (tar d) hanged when trying to compare file contents.
* Previous versions in certain cases failed to restore directory
modification times.
New features:
* New option --mtime allows to set modification times
* New option --transform allows to transform file names before
storing
* --strip-components option works when deleting and comparing.
* New option --show-transformed-names
* Short option -l is now an alias of --check-links option,
which complies with UNIX98
* The --checkpoint option takes an optional argument specifying
the number of records between the two successive checkpoints.
* The --totals option can be used with any tar operation
* Any number of -T (--files-from) options may be used in the
command line.
* List files containing null-separated file names are detected
and processed automatically.
* New option --no-unquote disables the unquoting of input file
names.
* New option --test-label tests the archive volume label.
* New option --show-stored-names.
* New option --to-command pipes the contents of archive members
to the specified command.
* New option --atime-preserve=system
* New option --delay-directory-restore
* New option --restrict prohibits use of some potentially harmful
tar options.
* New options --quoting-style and --quote-chars control the way
tar quotes member names on output.
* Better support for full-resolution time stamps.
Incompatible changes:
* tar no longer uses globbing by default
- remove unused variable [#223847]
- create man page via help2man
- remove support for mangled names, due to security reasons
CVE-2006-6097 [#223185]
* Mon Jul 24 2006 rguenther@suse.de
- Do not build-depend on rsh, but provide the RSH environment.
* Mon Feb 27 2006 kssingvo@suse.de
- fixed buffer overflow issue CVE-2006-0300 (bugzilla#151516)
- not affected: traversal bug CVE-2005-1918 (bugzilla#145081)
* Sat Feb 18 2006 aj@suse.de
- Fix build.
* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Thu Sep 1 2005 mmj@suse.de
- Add patch from upstream for fixing sparse files > 4GB [#114540]
* Fri Jun 24 2005 schwab@suse.de
- Fix broken test.
* Fri Apr 8 2005 uli@suse.de
- ignore test suite fails on ARM
* Wed Mar 9 2005 mmj@suse.de
- Make gcc4 happy
* Tue Feb 1 2005 mmj@suse.de
- Disable test that breaks on reiserfs due to that filesystems
limitations. Tar works fine on reiserfs.
* Tue Dec 21 2004 mmj@suse.de
- Update to 1.15.1 which fixes a bug introduced in 1.15 which caused
tar to refuse to extract files from standard input.
* Tue Dec 21 2004 mmj@suse.de
- Update to tar-1.15 including:
- Features:
o Compressed archives are recognised automatically, it is no
longer necessary to specify -Z, -z, or -j options to read
them. Thus, you can now run `tar tf archive.tar.gz'.
o When restoring incremental dumps, --one-file-system option
prevents directory hierarchies residing on different devices
from being purged. With the previous versions of tar it was
dangerous to create incremental dumps with --one-file-system
option, since they would recursively remove mount points when
restoring from the back up. This change fixes the bug.
o Renamed --strip-path to --strip-components for consistency with
the GNU convention.
o Skipping archive members is sped up if the archive media supports
seeks.
o Restore script starts restoring only if it is given --all (-a)
option, or some patterns. This is to prevent accidental restores.
o `tar --verify' prints a warning if during archive creation some of
the file names had their prefixes stripped off.
o New option --exclude-caches instructs tar to exclude cache
directories automatically on archive creation. Cache directories
are those containing a standardized tag file, as specified at:
http://www.brynosaurus.com/cachedir/spec.html
o New configure option --with-rmt allows to specify full path
name to the `rmt' utility. This supercedes DEFAULT_RMT_COMMAND
variable introduced in version 1.14
o New configure variable DEFAULT_RMT_DIR allows to specify the
directory where to install `rmt' utility. This is necessary
since modifying --libexecdir as was suggested for version 1.14
produced a side effect: it also modified installation prefix
for backup scripts (if --enable-backup-scripts was given).
- Bugfixes:
o Fixed flow in recognizing files to be included in incremental dumps.
o Correctly recognize sparse archive members when used with -T option.
o GNU multivolume headers cannot store filenames longer than
100 characters. Do not allow multivolume archives to begin
with such filenames.
o If a member with link count > 2 was stored in the archive twice,
previous versions of tar were not able to extract it, since they
were trying to link the file to itself, which always failed and
lead to removing the already extracted copy. Preserve the first
extracted copy in such cases.
o Restore script was passing improper argument to tar --listed
option (which didn't affect the functionality, but was
logically incorrect).
o Fixed verification of created archives.
o Fixed unquoting of file names containing backslash escapes (previous
versions failed to recognize \a and \v).
o When attempting to delete a non-existing member from the
archive, previous versions of tar used to overwrite last
archive block with zeroes.
* Mon Aug 9 2004 mmj@suse.de
- Add patch from snwint with long filename fix [#43538]
* Sun May 30 2004 mmj@suse.de
- Update to 1.14 which is the first stable release of tar
since 1999.
* Thu Apr 15 2004 mmj@suse.de
- Fix detection of remote paths [#38709]. Thanks Jürgen!
* Tue Apr 13 2004 mmj@suse.de
- Update to 1.13.94 including fix for [#16531]
* Sat Jan 10 2004 adrian@suse.de
- build as user
* Fri Jun 20 2003 ro@suse.de
- build with current gettext
* Thu May 15 2003 pthomas@suse.de
- Remove unneeded files from build root.
- Add autoconf tests to properly guard K&R prototypes
- Clean up signed/unsigned compares.
* Thu Apr 24 2003 ro@suse.de
- fix install_info --delete call and move from preun to postun
* Fri Feb 7 2003 ro@suse.de
- added install_info macros
* Mon Nov 18 2002 ro@suse.de
- add AM_GNU_GETTEXT_VERSION to configure.ac
* Thu Aug 1 2002 ro@suse.de
- add acinclude.m4 with missing macros
* Tue Jun 4 2002 pthomas@suse.de
- Make tar a package of its own.
- Update to tar-1.13.25.
- Make tar man page a seperate file instead of part of the patch.
- Patch de.po to reflect the addition of the --bunzip2 parameter
- Use AC_LIBOBJ instead of LIBOBJS
* Wed May 22 2002 olh@suse.de
- allow build as user, use buildroot
* Fri Feb 8 2002 werner@suse.de
- Fix bug #12797: back to builtin behaviour, the widly used -I for
bunzip2 can be reenabled with the environment var TAROLDOPT4BZIP2
* Mon Dec 17 2001 werner@suse.de
- draht@suse.de: package rsh is needed for build of tar(1) to
enable rsh remote command execution.
two successive execl() calls to /usr/bin/rsh with different
args/remote commands do not make sense since the first execl() is
successful if /usr/bin/rsh exists. Check for existence of /etc/rmt
on the remote side and execute it, else exec /sbin/rmt . (#12605)
- Use one contstant string for command line
* Tue Nov 20 2001 werner@suse.de
- Add rsh to needeforbuild to be sure that remote shell for remote
backup will be found.
* Wed Aug 1 2001 werner@suse.de
- Make /etc/rmt versus /sbin/rmt switch dynamic.
* Tue Mar 27 2001 werner@suse.de
- Fix man page of tar (#6741)
* Thu Dec 14 2000 werner@suse.de
- Update to tar 1.13.18
* should avoid some crashes
* avoid exclude file list problem
* Fri Nov 26 1999 kukuk@suse.de
- Add tar.1 to file list
- Remove obsolete entries from file list
- Build tar with locale support

234
tar.keyring Normal file
View file

@ -0,0 +1,234 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.1.0
mQGiBDxhQHkRBACyhJxCLQvLs70IUZSlYVKAm+u1Oa4RyUo5/ctCcMm2KOcjui3zxs+yUwlg
lo1n/de9NNJY98PJNLHniMVi5sPba8OKwYx9bilwuAWLgTsgfpX8UuuYTANQmTybmrxjzxrG
qN7eyjBT3utgbK3ACKDo/JUCgZMkdFu2c2i7186sDwCgo9pQygxOOWEWBm70Rymdfvkon6EE
AKY5h9nL1qYw46vM1+QY+vhyX2lHTD/E9QyFQv4LdriY3CerLAZ07yk5p8I6T31d7HEUt9DZ
cl0ZD99Y9IH84wWvms1xtnCuoLlP4ntwFQ5ZUZtMY0AIVRtFbgkTDDLZsdanscqMu/LqnO2/
QWjCQhaO/tcaIdPVgBIbCr28fuBJA/9KA5vbQBd4WnNFLVJsr47irnJBYdR+OqPQAUFUcQPO
1metR76UZ7+7LwtOldAjPN3RDJtRB8/JooHDNq+VCEzjs02JaBpQ+BCOzzqELnkoBPl26yHR
56r4WbC5+FH/QxEaicjVGxIF/Z9crzG/XUMXwieTNcM6HoGCnMboGqCM4bQgU2VyZ2V5IFBv
em55YWtvZmYgPGdyYXlAZ251Lm9yZz6IXgQTEQIAHgUCQ/CVtQIbAwYLCQgHAwIDFQIDAxYC
AQIeAQIXgAAKCRA2ArB/VdDHMkVKAJ41glKzudqU5UgxMkHdSLo28ov+cACeLUrGgtmv/6Mb
mICeG64v6KOrnga0I1NlcmdleSBQb3pueWFrb2ZmIDxncmF5QGdudS5vcmcudWE+iF4EExEC
AB4FAkPwlXcCGwMGCwkIBwMCAxUCAwMWAgECHgECF4AACgkQNgKwf1XQxzLm6gCfbavgu1bR
DHsaUQKvY83CqOX2RcsAnirapY4we57AiCr2TTldQ+H5+xw5tDJTZXJnZXkgUG96bnlha29m
ZiAoR3JheSkgPGdyYXlAbWlyZGRpbi5mYXJsZXAubmV0PohGBBARAgAGBQJClLMcAAoJEIvY
Lm8wuUtcoE4AnRDfvCNyheky5myvvIuPOnRoOLY3AKCfBIzNZgUabR7lPTwrkKud+DKQ2IhG
BBIRAgAGBQI/W2BoAAoJEKMJ1nkZoiVHcawAn0gd/9GX/b55HTeZ0B74B5JNoF9qAJ9Swtzv
/Cn59vtejqUpB7O8nMYGq4hXBBMRAgAXBQI8YUB5BQsHCgMEAxUDAgMWAgECF4AACgkQNgKw
f1XQxzIN4gCglbS1XsDcwg347otcE1ps+9yHFGkAnA4yuO+9QOhv8+ql+Ww7itci/2HkiF8E
ExECABcFAjxhQHkFCwcKAwQDFQMCAxYCAQIXgAASCRA2ArB/VdDHMgdlR1BHAAEBDeIAoJW0
tV7A3MIN+O6LXBNabPvchxRpAJwOMrjvvUDob/PqpflsO4rXIv9h5IkBIgQQAQIADAUCQj6y
7AUDABJ1AAAKCRCXELibyletfFW7CACzqk4TKwf2Tes9n/b3WkuFN0on4fvhOh1pT4eM9t20
3f//S48RrAVB0M8o705zQOYC5OocOuA89BjE6jXeF3wW1zcSgLxYy5BL1LoCyeHv/vpX8+Bf
i1g61iEM0dN99orknymnIcsA8zsLTK3EJ3TQ6jCzOO/xKSArS+OkG9EUEoBEK6ow+Lx/H0wL
2isxjpfzn4EyRhx8Tb/tVb0HvipSRXzEl68mEw6EHbmsYnS00iWNcWSwAsRZYXr78VngaUOA
boULu8c3RdOk+eSG5WcNfK558r2TPqB9jeCLKyo9EVfVo3LViam+DlCOy1LpCZ3EqwyIEXUF
q2LHr80Qn7EBiQEiBBABAgAMBQJCUD7MBQMAEnUAAAoJEJcQuJvKV6185aAH/1tkjj5pLiwi
CDUEZ9BzM3pCp3NHi61Ei5Skb89iwBzORlG3JAsvP/BO/XY6bdDLuCH3XHtvp525gr/k8LDq
acnO4/vSEM7+/qpU2WERVkAjtefBsPyxSw/mtRBaWEASZX0VoNsZLOcnjg+ov2egMTJVN3lr
1pyqhivAeYjObF15ZfqcpiZXmIc+LwOyAl1NIWA6ZGPFQL/y0Ff3XCvl+GJrMR9rknsoE6Xr
BcZocJkTFZ1mwbdntg0pwvo4CJtF2WOKxSdzso6sZ5QC4pVj8Ud1tgJTjdlMhEKxtkg9i/NT
c1uOfL86DcSTML3CNUP2JHlX6vGN8RQ0P0z+nioEkYyJASIEEAECAAwFAkJiDJYFAwASdQAA
CgkQlxC4m8pXrXzdgQf/S5FoKHVmyd/hzlq1Hbz9Re3ITJMTs6rQcyRfFV8UCb561McPJVQQ
NTkqd0YhhZAc8MGq84UlaVFxOF7GAreK4PoKgUsfzbWrcMWOCyZIql4QgHV6sOncdgJjy+5r
Or8JY15F1vidPFMUxwgSo/GpCfyUTKDANlu7UnI0vRtn+8q+MtQkQW675rNiZpBGTlbJdLjk
MDaCDYxlISGS9dUvlGhrayYk8CyjXqOdOWM87Fy6rkVYdRsZv4q6UaXuyuMBQA7W4RC1szBN
Nb5YTgQz/yVlcEfEUgdRiw/Ld7Jm3EA7wO1jptcM0gm7ZLK9fPB04OqQ1gp+MkbScgwGtZHj
MYkBIgQQAQIADAUCQmK1GAUDABJ1AAAKCRCXELibyletfN5NCACg7SyHUFOjiI41Q+V6heTL
FU3gnO7uBYROfBwGDvZzum9MMhaCvYh5QJM6KL+SjRlibQhQYFo2i0r9UOs3i4iGpQ/dW7Vj
BWHL7otrFi/8NviVPIlnBWnv8KqdNrLoV74cs0/esg3TXZnbJerymFLXKtBeoRNUZaFpIesU
21GTUzIHyP4C8Jg6mZlRM80tA4oTVWOogSC3nmLoiAwx+xx6v/QBhQrKKNb7WAmqDOcO8h3T
mPI1QTntRi+ljhX4h0Gq1leceYa+88kq32ieGtHB/R+YisE5NUdCB32L381Guybo+n5ZDCH2
tL3gZ4XGxmfKGErBL/4LdYuG+ZawXk4MiQEiBBABAgAMBQJCdUutBQMAEnUAAAoJEJcQuJvK
V618+MkIAILO+4vPDJARUOqgAfQlHDSpzpcAyAIBlByTMhI73gzIpiQbxKagZWIAqa8FowcH
suojJ8sfYr8gdkpJ1YdiB0RcEKIfL9wQhn9LGdfwo/bZhgowE26L1YqpD8Kjy8FyNPbr/tha
XV3YQVYAVQ2qZD1F0fEYLrf+mxY53JhKcsDXVObWrzLoQJVPGcG7IZ+r8vht1MZb31Vt2EPw
C6t9OT3io3R2nYxtnhRfCh9HzC3Pu/aPVuIAPqNPzc6TZNTvONB6yLF0w12y4OMHUrzCbHBa
thDA+Lnnb3OWZLpz9sNv/cISzxrx8Hr60cD78o3mb6B3yyen2BVX8Gy2JfvokT+JASIEEAEC
AAwFAkKHGEAFAwASdQAACgkQlxC4m8pXrXw/Nwf8DYchCfD6q0F3I8Xao99vCqzRBEM6wulj
jF61qdU+ryBDE4OqxZ3awQ8oFcpbCq+eaN0ToLtFLIKggg0E1aFSZay7JCUAxNx0VShHVvQr
qReC8DSmVjIsAJ5q8ho4o3MZL19bRzeDtSLiWVUMo3tHXJolaBdKIBtyg0N/tNgM4LTPIRfF
uVxWELPxce8ApBM/cSH3M8UgThQNcjkdcmTxNmyv5xdx9+qTM6lt03/ft0iSzLBPJ2BvEd6J
N55+gUS5UGTCW4/euqg4fBKep1NPp4OlLnjfG2KetCGo+HBgNS3z+ctR7gMng1Odvaf2+qWD
vbzAdudGpYrS+L0CLhS11okBIgQQAQIADAUCQom/SgUDABJ1AAAKCRCXELibyletfLF0B/9A
wsObANiamJG6b5adwlnoSAABokQ1+YhLemP3yoeoz6TCjXEDjeKVr2oZF/9IymovMfO74xUr
609PCPHsSx+8kH4/S1PFJpgJ7WpKzRSvAk7nhNLU534V0K8fQ0S/rd7y9XrnFyP+uQatx4Li
u+lm3groaC8VwWhnWavnXaGcme0rVkUfZDhwTtVyAR6hzuVBLrHr6iQzTjr778nVi0FOV18m
0FOx1xeZhHbLLNhv0ZQ6rVikAV3fPV8/uNl1Yk/MxrddYSI5NBiITE93T2LEGIWaObcRVItz
3k7rkhpzPfJ3l7ZqKKt8sxwTv4/ZigxjKDTTnt7hXxrkZea7FPViiQEiBBABAgAMBQJCm3bH
BQMAEnUAAAoJEJcQuJvKV618zGUIAMOAYUFUH+YlM9Yh/CvEsXtH7cdXaLsivd2K3tZrUxaM
Ozl+EXA+AMQWz5475G7FhV1a8RRQaDHXm4sueVJaVrdbyPuC/HsGj25R4+7fSaFwBOAT6gfk
VzATbz2eJe6Qq51/VMlpCQQ9qWKUsVV3aYZvVXN6GL0PXbarkIv9Q7dCxEobRP6L1TGuc1G8
xnOPhTJlxd/wgPoF/8KdIOiXVVPKvGd2uNrNjN46UMWBrx9yWJMsV9gt8IHMugAJ/1GHiQhp
s5Qy8RYPof23C5HOgXttV8vYfGNyV6Sten4ubVAPFdfuv+UCPa2SA/xN/ADxyBCPWdVqCfAY
x2q4oDpPw1mJASIEEAECAAwFAkKcx/oFAwASdQAACgkQlxC4m8pXrXydiQf/S5yJQwEIRVg7
SRRKub+//wC8LwrFE1Qeb15/NJOrjHqslWPdCeuWccukKFLaokJy/WBd9UyK+k9MTxwnVH7j
IwoR6RIGPiS23CEDoSgCfxDDGQCQh5tuY2xwSaLRFhcezIGAbJYDVCjfw7guPVY1IZnW25Pe
/NY+su9I1Hq0M+1zRrmzMB99wh9dwqFLIVq4CpYsAUdwlFgZOuwnTPBP2E+lbgXOpdSaWHG2
ehK06SMKpU5iRdp8bjuMkU83gb7+lHwB2sH9RJGR0K2O6A5I0UVYk6PJwPjB5gMTmzDod8IM
m8FditTHCmoVvHjv7QzRuazMVWeM1+bUO/Na3bdwOIkBIgQQAQIADAUCQq/hkAUDABJ1AAAK
CRCXELibyletfIAtCACSAu1NGXLdGiVO9WnOh59WEASHacxOeF96r1wx2+uk7ENMm+jTIfq2
gpiwTI3mWZ+vG/gVtpaD2F1BGB/eGh4LycyFN2we2mB9FpqT0I87zAvaXk8VZwP5OiAJlL2P
hRqK27HQoGoUloTcMieB48hln8mFTpOM1SUg6blgp2ceqIghZw8hfUEwjCW4UAKUrJqFPktO
Ku1+T9Gq5/05f/2wrEQ0P5v+3MnPOT1d6ilJHGnIU37Qi336aaaEujjzjE1Ld4QRgAgYzgtf
e8EFkilNJDc7blLM/diDzYugWbTVT72Ree3MzMMahgU57kQpK/qtLjKSQl3bEkwK0FFLgsSF
iQEiBBABAgAMBQJCtSzlBQMAEnUAAAoJEJcQuJvKV618uAsH/ixHUob6l8hWzVNpfmNlIsB2
ukC9+d6YcSbQXnPqBFd/M0qvMErYR/qPIZYhKOa0PYRVeV6HrmyTdhvRGh/5TgiGw9jKJu9C
lsJ6ywRMORpb2BDwELx5Y2K7Ci/+IvlTA16fSCmMf3fR2Jp+FztsaefPvqEXnM2zpyBs0HT0
MjrnhRKy0/LIcc2/VlrG2HgB29/hqmYEYyCqmanb+hAxbDm82EpyXSY98qmSeYXDc64cx1a1
9oZbk6SWM/MuZPE4E7I/Sxv2gU/qK5pvBxFEcfLDy1CxWjX0Fi5JYDivgeep8V8rXFyXnVww
vU6LxA8W30jby3d5uNh3pQoYJ1oUC6GJASIEEAECAAwFAkK3KE0FAwASdQAACgkQlxC4m8pX
rXyHpQgAoBovhQ+++g35g2D1Oby200fxZ7+wq3iN61OTSquOe/WFfD8e6w3p6UEZ3MujEv8t
gMMVjNwvezsD2Z/MDWv/fK8m3Ng83yLme77wE/rOkz37Id+Ehe1kojrjAV03zJr1VmhZfvx3
e1Y/A00ipmfZPUzR1Jx82zmlfDeXavAScuQDUyORloLTEHv9bc9soospjYSFK1nWJ1t8C2DD
YX2skcYoxGqyqVnBzAw6ozq9jZmOVaMlc7czjMQffNwdwYXtSXo1NNjL+0eQdAWpOfMIlgKs
hkFymcd4cBbgE6RCw0r2brVkVtSt0+ZnctvHQotxuNvwJXFRFVBh153l5IWdOYkBIgQQAQIA
DAUCQtEgTAUDABJ1AAAKCRCXELibyletfI7CCACIWICj9ZkESfm+5iVbFc3JP+4mXaHaXfHA
fYmdBdy4MK9BPx2dkS0scMiFWRH6jRi8Tzk3bH6M4wwS4MDXuSrlsOKPxNpiAVgDI+SflcPG
M10VrSOy+8W9FF5F6onD0ojP7Fg4KG1ige4Rm6dM/YnEw7a2iWZ8Be7cCd8Bi77y/XN0SMpP
EEjnEWhdpzH1esD0fc3N1A721C7NMWeCLEtm+e1YixFcoccegJniJ8QYNHzti+kVPR77EJFw
gZechF/dNEXfnlAuyQSj6Wc90vPAH27+kaoxTiO2p/YzqTKwj4CJl/y6NOMQcoJ7CO2rf9fY
rf0ZVwCdt7iL5s/JFfCviQEiBBABAgAMBQJC0cZ0BQMAEnUAAAoJEJcQuJvKV618kWoH/0zV
rsTcYUOIM7ZUviejStEvRhX4dMTWzKPlJHVeMgKqqMF2ibMTlynrvj/K2ufFWM26maoOKoiA
Dd4f1gBNLlMH60hrsxuMhAotB8RgfqL54nBUj9CJmzGXToPrYEC7xlCJObIf9j6tzd07TZZc
W0UtVQR1uNpy1G00psYd7oP9Db1OE7oKCqOKwcJwsdKpf59HcstbEe8CCjcHJQh9v0fyoz7U
3OkAAOPmUTzh3YlWLZuqMl53CYGWqxTJvW6gOoEl1TdmsYIO9aXR7MGcz9j2pzwkJdc9uC9Q
TCXfU8bdXi86P99e7TXakUr7koAwcFkYgQDUvJvO7Pda24Qnuh+JASIEEAECAAwFAkLj7sQF
AwASdQAACgkQlxC4m8pXrXwEOQgAlmsoab76veaNTiiOClkeFX1Hzj1E/KBOlgkyR3ObDE22
8X9LIk5iWhV1XaWEWA1v8o0UvD+hXIDL1XVZ9YjKQ+as5UQOadKqGVDpIusmb6U/vL5JtdyC
N1wbRgq2WnkkqgSK+C5qBNdI5ds6T7tU4eoO5DcZMQSyqHlaLrgkAnXLEXOd5r78JhqKHOO0
6hEZGVI5jD/0Msmdld8lZPPO/5Leo4LU4RuM2BBAopR0kiQcbNbt0QUf+FOb9LAq4RQBn69u
PPSRZF1lFkW6sAk20YdkrUyNvC14gFgJsswLZBjBqHJ1IHNorJUTET/7bhywxCz1z7KLok7d
DHaqTpWr8YkBIgQQAQIADAUCQune5wUDABJ1AAAKCRCXELibyletfLeZB/9jvTYpufTVTc7O
dTltkR8O0panwhG16mJu0/yddXsdBROx6d6LBNSHn0ACx38b5GJoCXeX2QnoU5rjWbQDKbSv
mJAoxn1Rg+yRW78yXcE53PBFdjGAY7aC9WMF4eBfoIsCXTYFQVk3hNHkV3gvsnOtrLnYOTtA
btERFE4Ftol5GbXF5atSyf9zclYMt6brx6PnxH2X4YhZ9aH3okN1mAzrPmZoefDGE0PMx0B/
LWIzQBMHwoSnM/NLLloto7hcOus4wpwg136NeqgyKzdOqM1xNWHljJRnskrUb234rIR7WU3v
XuQX7JmC0YvOkC4Gp43AScTjgO4dSWDb262mnGbQiQEiBBABAgAMBQJC7IIMBQMAEnUAAAoJ
EJcQuJvKV618EfgH/iPsvwNYSsamkBTvBAAH8EijR26NpNrO/f+fWc/FOfPIA9gZ1NAD8UWG
t5ycqCy0ZHNhCPIERBj2hkrLu89d9ZrLCC1i6/plloCvhxdVaALjpPco/V8t/I+QRXXu5P/I
UHDNnTxK4AK15CePCx8PKsqO2Rraej/pRnTxsvthWfMnwkXdRg68zkovO0OZE2OrXLLN5nx7
7uODWKvIALFNw+637vw7EQyTa6yxE2TiK2iXd8J6TQaTdmO/rmGBv2/rkyLfapNzFAMRespn
PXx0pk/Ff7ITeWGQtMvcmggo6ersyGXpKXama7R4bV/CqdbAVXuzK65inkndEzunJMx8V/SJ
ASIEEAECAAwFAkLtKhUFAwASdQAACgkQlxC4m8pXrXxVRAf8DcrZp6lr3knkQGhTKAgxO/k5
Q3NtS4Cx07Xsrp+/eUqZWsctOLuMGz0YiZ//E+JCdBr5fZptgNW211NjkRKOmvc4s6IrKXMh
pywkYudNZZdzzNy/AIm3rkAsDr1pU7zZQ4zaawxBB1QXwu8tg/s6OcW8bk6y16nag0dX6FOh
lv/Ual0zER2RUBlnFnG1Dtn4tmbOGYLNFYkdAJqnAA6QZvsMQCV3VgKmjbIk1GNhtJpoO3Cw
2PjLXTiwlhVRNCHsX1XnUnnFjnx9bKXnDa4uNzh9BTQbhZ70GmnpcwUA2GPHrZievqnapFB2
Y9TcCAyIEmQ5IPBctbeu2Z6U/FbNcIkBIgQQAQIADAUCQwBd/gUDABJ1AAAKCRCXELibylet
fMkYB/9vvgca4wBjh3izodha1NVKS4XRs4p+vcze7SuH6n2K/Vs2bZ1K2uL6pHUGbVYJztQd
5LERBmkWMe0o3sVeuZe6jSWT8UOYFcQIQWcr5QTLVvHinCg2jVFKtowJDXXO3ZxXQ3gSEWNy
i18uA+3MQB2NPdCqoiK5u79TvTe1u07Vh14FpMIa/C7LyKBdVuiIJuTu9ARXBdmQzdasve76
rQ0cCEsgAyIVR3IkPPzhl631TlI85kbyEUJA1kerfEAGYYPWGUcARYL8/HUYBRv4oZXAVMmd
tfIL6o0BKRfHwLxICRZ+pdy+8IKcuEVXUc+MU88m7ERmOfKBKNbUZhJKSkhYiQEiBBABAgAM
BQJDCEmYBQMAEnUAAAoJEJcQuJvKV618HoQIAL1DV7lgbpGjD9Nvrp46/3lANw22BTinQJ0k
3JvJXZBO7127/eztbtPuvFL6CSrpmcBZI0GdJH8/lmK18eJLuNif/7LZvBrcX6FgjcsVXVzw
adrSCAyAL5r0EnyTlso080aQfzYLcwYpNU9cwuxmSpiId7GU1FmLwivPSe5qDrqYPrNZWsGC
4u/v5e5D5Q5EQcGTEAt3G62yni6YhOZfZP/CxgkdkiNhJmubciEG6q75VqYrxlLiHSezL16m
t+kFfkBr2fAOZFgJO9m6UTRWvwUTmr61sDeUfBXaFINhh4ccid/E4aurMNFKmPlx9R3nCdI4
tGNWdn9hnCj032WdQi6JASIEEAECAAwFAkMMQ8QFAwASdQAACgkQlxC4m8pXrXy/FAf+JkU4
QcZ8aBmrbv2p7BawhCWHDjmhIAfl0RqlVUoI/2FjopLgAo0oKrW65fkFcnVTZYanLVFl7Fuz
2w2jjBXEqLFkQJsA6XOG9xIssRimeyD/lT1wAIz8JE9ezdG3oaS0SVhduMJ4byN/tKLYN0V5
avxUbu/vtXgBr6PZlTmulOJjbWnrlb3e4QIMADzxDGyea+qsqQfyf8cwJvX5qFX0NGIU4Lwv
OBJDh4PkHOQkEfFsnNhO8jLBImHBw8tckeoafrt8zp8HsTGOKmDZzYPUnU9OwAYhezH4sS9Y
AbAcY6RZhyRr99H4vekI4ZJKpXGKgmCcfoWkzvAmfCZ1XtQ99okBIgQQAQIADAUCQxDbbAUD
ABJ1AAAKCRCXELibyletfOLsCACgR+14gUggcK6JuYLYa9pSyZOVmjRIBR6lVBg/aBkt46aG
m9iHo1BH2EtyhjW5oihjWgQ+i25qZxhFp9unzPz/vXKXDLVKf8dLE9SE3dlCuv8a8DWRcWNb
3ULtle5FaV7dvCp3g+8mMPBoAd98y+OIcyxdgoxdAZvMcHDgwVu6viV9UrFDbySWqqx3/wmb
aijuzd3+CNluyWJ3pOmsCcobSp1J9UlBfo9wurayCF/U8z8ARqxYokwRWqLwzyJOciKDQwT4
Og2PN3D6MfNrUc+vSK80tnX7iWes630qAWTaPHYcos7Y9nHFSrzt8I0hK0rnzUWhmPrlafjB
xkc1u4GMiQEiBBABAgAMBQJDEizGBQMAEnUAAAoJEJcQuJvKV618Um4H/0mzDk2raGBfNlGH
GqmDEioiHkLlgUtlh9QVeKhg52SVrapABKyIeVu51ztVbecGQEoFY3AwbkvzFgoJazWyUE5Y
bf8I0xzfwDKWonJTUjR27/P5PNw19+KThPwesLCru1vayOkuO1WFJB/QqkWRfp4G75RBwxYV
jWlEQ43JkM3HsfW3fn/HE6L3GmaEDfP42X9QjBG/vqWkXEq6ZR0YcBHc/L83zj3mJsgkYypo
CYb4dWrY7iUUI4o6tS5TgTm1a5FIVTb5fjFKhvlRqZfvSyk20wxd9h+sExx5XGAKjWEWCzXE
hFf8wQ7qsnjkG6s3KYvS5iXrC0+/PuesVNtGDk+JASIEEAECAAwFAkMUKM4FAwASdQAACgkQ
lxC4m8pXrXw5mQgAhUf0zDvIEWHDy/c8/vKOJ0aK8B7M35C3tHhWW0xoGHSQ2Ofpkl79fUeZ
UcnkaOlGRmF1Xe9sKhTnnW4NeKlNeHMrwlqo+/ovagy6TC47pp+XAAbqh1lQIYYj2RaIpIk3
TbOrLh9jYO8YUlscsUveTRL99JiyQL0332w/18twj51bNG/cDNIAXGdxxLJJLGwlgvn90FYq
vzSL7bDHVJHZSOY2FReXiB+wrKohTG4J6J1+X4dxj6I2e8DjzH/rilOG2Xcli9sITKRWprpI
4P7Ld13pkXb4fPnPSSHal+aE6ocZY45mbhUqn1es1kSG7P0UcvF0iDKfBDvO0j08r7qp/YkB
IgQQAQIADAUCQxYjKgUDABJ1AAAKCRCXELibyletfKe+B/4un5+FU1w5t7/ZtVdmRCm6UFe9
QUAyQzjcZlx9KxXhxuFzBk3hklgkunIBLCW8/e1Wf+rQzQCjD0Wwo6WHnxHoCiTBp1rZs45z
miUCweNxkqYMAmAI2v8ywEY5MpYDbPmDAx2PmNaIgw9ZFRrArrVHHJJqq8R9q3DXzQA4C7jM
98r+DgAAaiqldGe+cEZ/C9s/n33zNVKlFbnpwoR9gBvyKva4X7Nqu629ikPv0ichLCJbNr8h
n86Oi/pyV7jxKNunPiD3iWLEAv0b4SFjoSqya+YndulQ+dLMX5ZwAKQ1AMRNwE/E6Cq85os8
OJOTIDXrgTyCswtYF7lF4I1vQLLTiQEiBBABAgAMBQJDGMYWBQMAEnUAAAoJEJcQuJvKV618
6MwH/jiHXFC+L/r1t5l90ewP+WaIeAwxgLodYfj2tHzOeTLsqJ8cQRvvRmbA+V8HYNaRi5uv
abRKHc3Xz8A/4T0mGMBxC7zhAUGKZiij4lpEoecLmgMyLn4OcbKlw0vSF7uh8f0FtGXYAnMu
dC7fTGI9tEJAGVvO4wD3CDf0vvmFNhlMBhQ6N29naxKNQ43wvdEMS1bua+kHQEeBlnc69+JV
y+JqaM8WIyBYU+od+gUK9Cj13Zy5J8CZRe517kNbyjH9YdMQN+6EcvbyQMQ+WAukSCYu5+RM
Wh21YSjWX4LjHfAwYfBgtXLJYfD6+3qPTtgx3vjqDDeuQjlSK0Gz7kJV3GaJASIEEAECAAwF
AkMbZ+MFAwASdQAACgkQlxC4m8pXrXzNZgf+Ozkz/PM4JVhRjWB/yr/Fu65hHaVBbYhzqwYz
JolwZ82NORG3T00IE4NwWDX1dVFqc7vulWk1dPDyPi/ZojLSPbO85IDQKPGNgql/XMt9MG2k
3lSorxlsChUwwnL/T7p8atvJOz5FHFVwNdfFokoXoUffLeJ3GlQg+k9fzGjXSbvl68RSc1jJ
+IxBqODiqZITE/yik7jid92YsFOCPlmYJ504et7WBtQDCaaeqKQA5h+IaJYn/Wa4NnZMFkhO
qbbOFmz1YvrkybofiHtSPDS3J49vKSm7lLGqlyhIP3G0ZZ84VoLcnbIgGvBfHntk2dACBR8R
mePwdNpxGhwi7Epbm4kBIgQQAQIADAUCRJr1pwUDABJ1AAAKCRCXELibyletfMNlCAC9ySHI
FPGOG0nbUoJOf6iMLANVQjn5pIl6B1pGJTSB6bDCYhBlLh3Ye4HqM4uDGotlg7Ts+igsyobk
iBFstLHgxuODo9XycYMyzz6xnoaeUzX2qUwkvYHq3BA3W2V0uTi+Et4TP2t5bNpiEi0V007A
io80BMcijScEH8S85zcSSfuKoVGvqOOmfH0n4C0BorM7bdiuLWc6aBNMce9sHS71l3Y3y/R8
Y4oLvRpLBpnR8CNbMXrUfYKObZMrhDhS4rMexb0owNYfX1dGBS4vCYSYaSrB5E6KlKbN27dP
foMfxuXuX6BPbVNVs9U3Y6SA4nmfh8ISK3wAWPhRg+Gf5AloiQEiBBABAgAMBQJErDXMBQMA
EnUAAAoJEJcQuJvKV618ESAIALMpRIlLp375Uza4f/ABbWSjmvF8kqhQ5j7dEZeeGzXxrhIK
0hpnxJolxLAHWRt8RKBXc5Bs9pedSSQko3Vd5CA0fpnjBKKuMTbEzwYQhej4vt1strVuujeG
r8N7bTdS75ONPZcuze1yxSiM7LvzSKHCixC723k4pN3xUT12ip1MIbiqQghsRQZP7yaNCjUB
FuKiYjK50sBvxnNeMGwd+rnhxVrvS/F2x1S2a76l2QMz/UQTDXWhaPBwA+ho1q3UXU43+U/5
/yMlMniBnjoJEb32zddKyjAiwiynJ/d5623RheGdspLLIgzEDL1KuPK7iyEuoWXU/Lp5iQjk
CbCNDCeJASIEEAECAAwFAkS+n3kFAwASdQAACgkQlxC4m8pXrXxDGAf+MP6N76GTFoMrsJOM
n/iwBV0LCazH5ZVwimN0kzBiiT0dnmxyV0gPmXDhipKkVNjK1Zx/W0QdEZJaNg/4+ncU6Cs3
kdFQXJmpIKTWkZsdPGbmPGiUOuK3U3xLcWhs+oTgpkvP65mN0B21atgN76QTnCew8B39yTwq
WLllEkgP4UQ6yAC6b/nriHNHTDedB2YX9G9P99RjCXIy7SWVEFqq7UhmW97ij5sK3wtIudy2
73QRKbDvx3i0JClmY2RW049FGAxhRGq1NGT00QqPHDQ3QKS191xPaJ8Ka2EMXdDzi+Gf07jO
WpvL3adkqAjc0Z90d6B2WJnwQBPLU/Qw5nnLjIkBIgQQAQIADAUCRM/cWAUDABJ1AAAKCRCX
ELibyletfMcVB/9/uF/6AyVHxHIjXe6lZro4PaRGHRgUXpOCMB3Dh4MqKda31jg2JqSINdxB
V4wL8YkL1IE7Dl8As0MjFjEb1tl+D5AiuOrDoFhn7GpAOAVl4dJxnLhdi4bYBfw4UZkiuHcT
l3/ZPlDfDkRlcQjSIEUq5ah6sbSPVxGu9fyXJlTtUMwo5tPLX59g3e/TW4wd0nODxqytCCoP
v2sssH1StGi4ZcUVUXYDWKmYdSeR6FOOD6z3DhlReqp8xKBoXWo8VeOKQ9y0BYizQVVzX0tQ
OJAqjPTLEAJo7OLgE7neLkhLIPxUEF3CNEpA4HB14D32CaAzzMPN/Y6KJJOyMajRUdsXiQEi
BBABAgAMBQJE4Xq/BQMAEnUAAAoJEJcQuJvKV618BsgH/21iYazUbpykAobyp5LwlF67Y8er
71OoBcPd2MK6fwlgX1YQUOshRYxMe46/guMCZXXJ17PyCqRUIfle6cpuHIZcDojb9oAegMGD
2q9WkhmKkNkpUrsQmdRwqsx4Z0mir8o74UGM5Rf2eoUfPcMyVPfiKR6lv/Bns8EIS7yBU3/R
yOOEOtEHJrTj8bZEnJqOsrse2ep45ALJFYTZhM95XFqIgo9WMDWJxrNejyPrFSyNsHdXI0jf
//9le5eDpsOys5/6QLKlLMWwS1cEnpy1+soGMsr7EfMyQtmn2wwq863s3Bd+VZfg0mxXbKQQ
S5QmLUk8UPXep59SsrnFGcgEt2KJASIEEAECAAwFAkTzZwsFAwASdQAACgkQlxC4m8pXrXy8
Cgf+O+IqtqZqbCSBt5BjEQ/etAQx/D+STiBEpi8Y8XWFcwyAQS5pZ6pmU8fHpR59XtSxwYdr
5hBltyvXLwXfnrRoye6LSMwYeJahBjTSdwZr/Dd1WDZRIbzREDkigidRfJpFAkaPb8i4DO0X
1EJeaTUHTdFeuKcc+eX2ZFp6JDS80gvJIjAn+NyI1BLy6BK0GxRpt3qiUdL8nDU3Mbl94pWa
JcpirmVfEqU6dhnYlN8Ou/3MN5vgSL4XN59QDPomEVD1DR+Tu1iA5wOmxj7Oese+YYMYxqI0
saWWsHsM89NnqbhpL+nacMAQm7OhW2BTH3OByYT7IdeOn27UH3Afy0FKu4kBIgQQAQIADAUC
RQXNDQUDABJ1AAAKCRCXELibyletfPGCB/9wBPKkSyHuu+XVDT9msJCFLKHYJlN9nPGgcSAy
bNw0TideU3nwnUT+L55WiHbzHp10EJNp6RL4gKuvubM3XvEjUOkCzpHdWepLVhFrni+xzUhM
LIOKyqRYdbM3ku6SwCaHoP5QoCC8Olb/lCVYOLu33E1Wt7VsHS1L6BZIyXHVAc8j2a41En3o
fhZffCBe9BDG+wO30hOpYKiW85ZyK7ssBXLRgg85j0/VigC8QQfG0Zky7eP87JimiU9V9Vmv
C+wjjKeP2+zg1mLWzhLGbFrbbxQPQbYqHiZV8/YLdC/aAzgJJLpeWIJ2tqqam+KQrqn8F6Nd
HVQ5rlH3Bmnm8qZdiQEiBBABAgAMBQJFaR6NBQMAEnUAAAoJEJcQuJvKV618W5kH+wWc2YQs
kUi+qmvVNpMIc+wFSJ2ODw1d21wehDRsEUObVBCgM5Jk3wDfFWVpEN5+vXKVjDHQtTsCygqj
udWg5xxWtFok138xr2hju2oAzxjNOYdW9T8Rru0Kqy8QVJNIYaJy69+yVl2eM3fyBJy9cq66
94TxCv8RpyhTSWpdEU0BoQNwV3oZSs5Rn3IC61cOiE08AxqrVldbTVqXOwJwIzqRpiP2HdfV
RMjpmBYueAAdnlThUSGByLZ/7T7gJGjlU3s3CfMdxhw1+JAWMpLiUuLMqMoyv3upC/47mZF0
oxg+viWqlk+D1pq5G64g/FH1q/Vx/OAnQCZTiRTZjuoF9eKJASIEEAECAAwFAkV6hlkFAwAS
dQAACgkQlxC4m8pXrXwZAQf+LBvNw1ExALAFmeyCr/IMT/orpMv7QQ6Ax6g6pHlKAcXiQX12
wlUjzAKsw+SJFobtXK1K4JvL+pACb0ycsK0FGexQ7I7Xs+wt/KOiTYsvDA8wVh6J15BdoXFE
MYZLAxM/OOPvf2gKNXzzCjLbA/hwGI1KBMCFx+13ZmKR2r62hfzG20Ut+FHstvCNn0vcA0gF
mLQNLskk19obz16udm7Axi3RlIl0emZR/AL0F7uDepxTbRtj8KBmk3eXAGojAJCqpEuIipJm
iaIyzvVGZp0iBMCg/Vmralbk/mGw3avWiC/Hzp5F+DUqpaTm8YiWX9eGyKWVszTmbXWu12V7
tU397okBIgQQAQIADAUCRZ6MzgUDABJ1AAAKCRCXELibyletfFO6B/wJLxCgtlLh71bNWeO9
MYGNZSfuFDDwtHHj8raI1yK63thPBTJlXIoVTESj1h3Fi7I5ntjTABr+ck1UuK3kMlMwFM3l
JgfDy4eg5sJb4X3fOTDjWoZvnYUjC6djPhCjcL2d0Fgdzx5yZmouLX7vt/jTGMrQkACVcIys
ifxX0hgokhEOk0Kte4FgNNfs/3oSl91s8whzgCCrYu2pOOmer6tX3o1jaQ+8n1NMLDY136DL
ESBdLANvCpU77nu7NaSoHlCspgWpQBacd5+GurBIQg7oDI+f8339umntn67Hqu5Vp9VGUHHr
++nTwoMEs42bs7jkm/Rp/zIoGhfGJhsecOFIuQENBDxhQHwQBAD3qEphUOWRg9C8hSJpZ9Zo
8F+hXnF6mvMWuy76R+yHqg4H5CPWSH116lOKl5xpGeXdOOzM5OxGgdEChb+jLoszM9rc3HQf
cKAQmFMd03Iay4/5jMAS+vNgCfDV98nj6gU0Y3kuUdTkyMPDObQWv1ginAnkoOVXb7nAVW/X
5n8izwADBQP8CPuRROj2FC+w2tTXDgaJam9PEm1coHRJAoHef1nBZfOAOZLjRD10wBg2m8q2
EUJ4/mr/1D0whTINThJkvmZkRGVkuNILeC3X5dMQ1AX4fIOOnVObWVrlg5etH8ichIOYOUOq
Cx/cuV9F6Apg9PE6vcFqmh4BoOlb0qOaIdzN1sWIRgQYEQIABgUCPGFAfAAKCRA2ArB/VdDH
MlPgAKCM9FxutfWWvZqNKW5up6GnB4y6WwCeN5k4mxck975PULOk8jq/ZqLGvnSITgQYEQIA
BgUCPGFAfAASCRA2ArB/VdDHMgdlR1BHAAEBU+AAoIz0XG619Za9mo0pbm6noacHjLpbAJ43
mTibFyT3vk9Qs6TyOr9mosa+dA==
=mQUf
-----END PGP PUBLIC KEY BLOCK-----

237
tar.spec Normal file
View file

@ -0,0 +1,237 @@
#
# spec file for package tar
#
# Copyright (c) 2022-2023 ZhuningOS
#
# For correct subpackages docs installation into tar doc directory
%global _docdir_fmt %{name}
Name: tar
Version: 1.34
Release: 150000.3.34.1
Summary: GNU implementation of ((t)ape (ar)chiver)
License: GPL-3.0-or-later
Group: Productivity/Archiving/Backup
URL: https://www.gnu.org/software/tar/
Source0: https://ftp.gnu.org/gnu/tar/%{name}-%{version}.tar.xz
Source1: https://ftp.gnu.org/gnu/tar/%{name}-%{version}.tar.xz.sig
# http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=0x3602B07F55D0C732
Source2: %{name}.keyring
Patch0: %{name}-wildcards.patch
Patch1: %{name}-backup-spec-fix-paths.patch
Patch2: paxutils-rtapelib_mtget.patch
# don't print warning about zero blocks
# the patch is used in Fedora and Debian
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=235820
Patch3: %{name}-ignore_lone_zero_blocks.patch
# The next patch is disabled because it causes a regression:
#https://bugzilla.opensuse.org/show_bug.cgi?id=918487
Patch4: %{name}-recursive--files-from.patch
Patch5: add_readme-tests.patch
Patch6: tar-PIE.patch
Patch7: tests-skip-time01-on-32bit-time_t.patch
# PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1200657
# fix race condition while creating intermediate subdirectories
Patch8: tar-fix-race-condition.patch
# PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1203600
# Unexpected inconsistency when making directory
Patch9: tar-avoid-overflow-in-symlinks-tests.patch
Patch10: bsc1200657.patch
Patch11: tar-fix-extract-unlink.patch
# PATCH-FIX-SUSE danilo.spinella@suse.czom bsc#1202436
# Error out when trying to create '.' directory instead of hanging
Patch12: bsc1202436.patch
# PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1202436
Patch13: bsc1202436-1.patch
Patch14: bsc1202436-2.patch
# PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1207753
# tar has a one-byte out-of-bounds read that results in use of
# uninitialized memory for a conditional jump
Patch15: fix-CVE-2022-48303.patch
# PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1217969
# Incorrectly handled extension attributes in PAX archives can lead to a crash
Patch16: fix-CVE-2023-39804.patch
BuildRequires: automake >= 1.15
BuildRequires: libacl-devel
BuildRequires: libselinux-devel
Recommends: %{name}-rmt = %{version}
Recommends: mt
Recommends: xz
Provides: base:/bin/tar
%description
GNU Tar is an archiver program. It is used to create and manipulate files
that are actually collections of many other files; the program provides
users with an organized and systematic method of controlling a large amount
of data. Despite its name, that is an acronym of "tape archiver", GNU Tar
is able to direct its output to any available devices, files or other programs,
it may as well access remote devices or files.
%package backup-scripts
Summary: Backup scripts
Group: Productivity/Archiving/Backup
Requires: %{name} = %{version}
BuildArch: noarch
%description backup-scripts
Shell scripts for system backup/restore
%package tests
Summary: Tests for the package
Group: Development/Tools/Other
Requires: %{name} = %{version}
%description tests
Upstream testsuite for the package
%package rmt
Summary: Remote tape drive control server by GNU
Group: Productivity/Archiving/Backup
Requires(post): update-alternatives
Requires(postun):update-alternatives
Provides: rmt
%description rmt
Provides remote access to files and devices for tar, cpio
and similar backup utilities
%package doc
Summary: Documentation files for GNU tar
Group: Documentation/Man
Requires: %{name} = %{version}
BuildArch: noarch
%description doc
GNU Tar is an archiver program. It is used to create and manipulate files
that are actually collections of many other files; the program provides
users with an organized and systematic method of controlling a large amount
of data. Despite its name, that is an acronym of "tape archiver", GNU Tar
is able to direct its output to any available devices, files or other programs,
it may as well access remote devices or files.
%lang_package
%prep
%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
#%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%build
%define my_cflags -W -Wall -Wpointer-arith -Wstrict-prototypes -Wformat-security -Wno-unused-parameter -fPIE
export CFLAGS="%{optflags} %{my_cflags}"
export RSH=%{_bindir}/ssh
export DEFAULT_ARCHIVE_FORMAT="POSIX"
export DEFAULT_RMT_DIR=%{_bindir}
autoreconf -fi
%configure \
gl_cv_func_linkat_follow="yes" \
--enable-backup-scripts \
--disable-silent-rules \
--program-transform-name='s/^rmt$/gnurmt/'
%make_build LDFLAGS="-pie"
cd tests
%make_build genfile
mkdir bin
mv genfile bin
cd -
%check
%if !0%{?qemu_user_space_build:1}
# Checks disabled in qemu because of races happening when we emulate
# multi-threaded programs
%make_build check || { cat tests/testsuite.log; exit 1; }
%endif
%install
%make_install DESTDIR=%{buildroot}
mkdir %{buildroot}/bin
mv %{buildroot}%{_mandir}/man8/gnurmt.8 %{buildroot}%{_mandir}/man1/gnurmt.1
install -D -m 644 scripts/backup-specs %{buildroot}%{_sysconfdir}/backup/backup-specs
# For avoiding file conflicts with dump/restore
mv %{buildroot}%{_sbindir}/restore %{buildroot}%{_sbindir}/restore.sh
rm -f %{buildroot}%{_infodir}/dir
install -D -m 644 -t %{buildroot}%{_docdir}/%{name} README* ABOUT-NLS AUTHORS NEWS THANKS \
ChangeLog TODO
install -d -m 755 %{buildroot}%{_localstatedir}/lib/tests
cp -r tests %{buildroot}%{_localstatedir}/lib/tests/tar
rm %{buildroot}%{_localstatedir}/lib/tests/tar/*.{c,h,o}
rm %{buildroot}%{_localstatedir}/lib/tests/tar/package.m4
rm %{buildroot}%{_localstatedir}/lib/tests/tar/{atconfig,atlocal,Makefile}*
# Alternatives system
mkdir -p %{buildroot}%{_sysconfdir}/alternatives
ln -sf %{_sysconfdir}/alternatives/rmt %{buildroot}%{_bindir}/rmt
ln -sf %{_sysconfdir}/alternatives/rmt.1%{ext_man} %{buildroot}%{_mandir}/man1/rmt.1%{ext_man}
%if !0%{?usrmerged}
mkdir -p %{buildroot}/bin
ln -s %{_bindir}/%{name} %{buildroot}/bin
%endif
%find_lang %{name}
%post rmt
%{_sbindir}/update-alternatives --force \
--install %{_bindir}/rmt rmt %{_bindir}/gnurmt 10 \
--slave %{_mandir}/man1/rmt.1%{ext_man} rmt.1%{ext_man} %{_mandir}/man1/gnurmt.1%{ext_man}
%postun rmt
if [ ! -f %{_bindir}/gnurmt ] ; then
"%{_sbindir}/update-alternatives" --remove rmt %{_bindir}/gnurmt
fi
%files backup-scripts
%{_sbindir}/backup
%{_sbindir}/restore.sh
%{_libexecdir}/backup.sh
%{_libexecdir}/dump-remind
%dir %{_sysconfdir}/backup
%config(noreplace) %{_sysconfdir}/backup/backup-specs
%files lang -f %{name}.lang
%files tests
%{_localstatedir}/lib/tests
%{_docdir}/%{name}/README-tests
%files rmt
%ghost %{_bindir}/rmt
%{_bindir}/gnurmt
%ghost %{_mandir}/man1/rmt.1%{ext_man}
%{_mandir}/man1/gnurmt.1%{?ext_man}
%ghost %{_sysconfdir}/alternatives/rmt
%ghost %{_sysconfdir}/alternatives/rmt.1%{ext_man}
%files doc
%dir %{_docdir}/%{name}
%{_docdir}/%{name}/NEWS
%{_docdir}/%{name}/README
%{_docdir}/%{name}/ABOUT-NLS
%{_docdir}/%{name}/AUTHORS
%{_docdir}/%{name}/THANKS
%{_docdir}/%{name}/ChangeLog
%{_docdir}/%{name}/TODO
%{_infodir}/%{name}.info*%{?ext_info}
%files
%license COPYING
%if !0%{?usrmerged}
/bin/%{name}
%endif
%{_bindir}/%{name}
%{_mandir}/man1/%{name}.1%{?ext_man}
%changelog

36
tests-skip-time01-on-32bit-time_t.patch Normal file
View file

@ -0,0 +1,36 @@
Skip some parts of 'tests/time01.at' on some platforms.
This test fails if coreutils' touch was built with 64-bit time_t,
while tar was built with 32-bit time_t. This is currently the case
on i586, ppc and armv7l. Skip the failing last command on those
platforms.
The failure was seen since coreutils-9.0.
Discussed at:
https://lists.gnu.org/r/bug-tar/2021-10/msg00006.html
Remove this patch once tar(1) also builds with 64-bit time_t.
---
tests/time01.at | 8 ++++++++
1 file changed, 8 insertions(+)
Index: tar-1.34/tests/time01.at
===================================================================
--- tar-1.34.orig/tests/time01.at
+++ tar-1.34/tests/time01.at
@@ -61,6 +61,14 @@ do
done
tar -c -f archive.tar dir
+
+case "$( uname -m )" in
+ i686 | ppc | armv7l)
+ # "SUSE: disabled for now on platforms with 32-bit time_t"
+ AT_SKIP_TEST
+ ;;
+esac
+
tar -d -f archive.tar dir
],
[0],