dgit.raspbian.org Git - libzstd.git/log

W. Felix Handte [Wed, 6 Oct 2021 07:27:47 +0000 (08:27 +0100)]

fix race condition allowing attackers to access destination file

Origin: upstream
Bug: https://github.com/facebook/zstd/issues/2491
Bug-Debian: https://github.com/facebook/zstd/issues/2491
Applied-Upstream: commit:a774c5797399040af62db21d8a9b9769e005430e
Reviewed-by: Étienne Mollier <etienne.mollier@mailoo.org>
Last-Update: 2021-02-18

This commit addresses https://github.com/facebook/zstd/issues/2491.

Note that a downside of this solution is that it is global: `umask()` affects
all file creation calls in the process. I believe this is safe since
`fileio.c` functions should only ever be used in the zstd binary, and these
are (almost) the only files ever created by zstd, and AIUI they're only
created in a single thread. So we can get away with messing with global state.

Note that this doesn't change the permissions of files created by `dibio.c`.
I'm not sure what those should be...
Last-Update: 2021-02-18
Gbp-Pq: Name 0018-fix-file-permissions-on-compression.patch

commit | commitdiff | tree

Helmut Grohne [Wed, 6 Oct 2021 07:27:47 +0000 (08:27 +0100)]

Fix ftbfs on alpha, see #962676

Gbp-Pq: Name 0017-alpha-fbfs-st_mtime.patch

commit | commitdiff | tree

Alex Mestiashvili [Wed, 6 Oct 2021 07:27:47 +0000 (08:27 +0100)]

Skip test failing on GNU/Hurd when writing on /dev/zero or

/dev/random. On different GNU/Hurd installations writing to either one or
another would fail. Currently writing to /dev/random results in the message
"Computer bought the farm" and exit status 1
See also: https://github.com/facebook/zstd/issues/1116

Gbp-Pq: Name 0015-Skip-dev-random-tests-on-hurd.patch

commit | commitdiff | tree

Chris Lamb [Wed, 6 Oct 2021 07:27:47 +0000 (08:27 +0100)]

Make the build reproducible

Last-Update: 2018-05-04
Applied-Upstream: https://github.com/facebook/zstd/commit/ef1abd3c071ce42a457404ee2bca6d5bebb87f62

Gbp-Pq: Name 0014-Reproducible-build.patch

commit | commitdiff | tree

Alex Mestiashvili [Wed, 6 Oct 2021 07:27:47 +0000 (08:27 +0100)]

Skip memory heavy tests causing FTBFS on mips(el) and hurd buildds

Gbp-Pq: Name 0013-skip-memory-greedy-tests.patch

commit | commitdiff | tree

Sascha Steinbiss [Wed, 6 Oct 2021 07:27:47 +0000 (08:27 +0100)]

Do not build zlibWrapper examples against embedded code copies.

Gbp-Pq: Name 0008-Address-embedded-zlib.patch

commit | commitdiff | tree

Kevin Murray [Mon, 14 Nov 2016 00:54:32 +0000 (11:54 +1100)]

Use bash for test script portablitity

Gbp-Pq: Name 0006-Use-bash-for-test-script-portablitity.patch

commit | commitdiff | tree

Andreas Tille [Wed, 6 Oct 2021 07:27:47 +0000 (08:27 +0100)]

libzstd (1.4.8+dfsg-3) unstable; urgency=medium

  * Team upload.
  * Fix watchfile to detect new versions on github
  * Standards-Version: 4.6.0

[dgit import unpatched libzstd 1.4.8+dfsg-3]

commit | commitdiff | tree

Andreas Tille [Wed, 6 Oct 2021 07:27:47 +0000 (08:27 +0100)]

Import libzstd_1.4.8+dfsg-3.debian.tar.xz

[dgit import tarball libzstd 1.4.8+dfsg-3 libzstd_1.4.8+dfsg-3.debian.tar.xz]

commit | commitdiff | tree

Alexandre Mestiashvili [Fri, 25 Dec 2020 18:28:35 +0000 (18:28 +0000)]

Import libzstd_1.4.8+dfsg.orig.tar.xz

[dgit import orig libzstd_1.4.8+dfsg.orig.tar.xz]

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom