[ 14:44 naddy  ]

• 1.48 archivers/gtar/Makefile
• 1.14 archivers/gtar/distinfo
• 1.4 archivers/gtar/files/patch-configure
• 1.2 archivers/gtar/files/patch-lib_Makefile.in
• 1.3 archivers/gtar/files/patch-src::compare.c
• 1.3 archivers/gtar/files/patch-src::create.c
• 1.2 archivers/gtar/files/patch-src_tar.c
• 1.3 archivers/gtar/files/patch-src_xheader.c
• 1.1 archivers/gtar/files/patch-tests_testsuite
• 1.13 archivers/gtar/pkg-plist

Update to 1.16.  User-visible changes:

Incompatible changes:
* No globbing by default when extracting from or listing an archive.
* -l is now an alias of --check-links

Miscellaneous new options and bug fixes.  For a complete list, see
http://lists.gnu.org/archive/html/bug-tar/2006-10/msg00031.html

[ 20:33 naddy  ]

• 1.2 archivers/gtar/files/patch-src_xheader.c

Fix build on 4.x.

PR:             94084
Submitted by:   Tod McQuillin <devin@spamcop.net>

[ 14:59 naddy  ]

• 1.47 archivers/gtar/Makefile
• 1.1 archivers/gtar/files/patch-src_xheader.c

Fix a buffer overflow, caused by improper bounds checking of the
PAX extended headers.  By tricking a user into processing a specially
crafted tar archive, this could be exploited to execute arbitrary
code with the privileges of the user.

Security:       CVE-2006-0300
Approved by:    portmgr (erwin)
Obtained from:  Ubuntu