Branches for Hoary

Author: Bdale Garbee
Revision Date: 2004-08-03 08:22:17 UTC

* patch from Paul Eggert that does a better job of eliminating the
  dependency on (buggy) valloc, closes: #234422, #248897
* patch for typo in upstream po/de.po, closes: #154511
* switch from dh_installmanpages to dh_installman

Author: Martin Pitt
Revision Date: 2006-02-23 10:27:25 UTC

* SECURITY UPDATE: Arbitrary code execution with crafted tar files.
* src/xheader.c:
  - Add a new function decode_num() which wraps xstrtoumax() and adds
    boundary and sanity checking.
  - Use decode_num() instead of xstrtoumax() in the code to avoid buffer
    overflows on excessively large field values like GNU.sparse.numblocks.
  - Patch taken from upstream CVS.
* CVE-2006-0300