Subject: Re: gtar update ?
To: None <email@example.com>
From: Xavier HUMBERT <firstname.lastname@example.org>
Date: 11/12/2002 10:39:38
[Sorry for breaking the thread, I answer from work, based on the Web
archive, which does not presen Message-IDs]
At 11/12/2002 08:09:50 Hauke Fath wrote :
> At 23:48 Uhr +0100 11.11.2002, Manuel Bouyer wrote:
>>is there anybody working on an update of the gtar package ?
>>complains about it ...
> If you do, please make sure the update does not break Amanda. It is
> least, used to be) picky about the gnutar version.
Alas, it probably does.
Today, I found weekly backup failed at the very same point than does pax
(modified files), as I noted in 'bin/18959'. It is a FreeBSD box, where
tar (gnutar) has been upgraded to the "secure" version last week, when I
upgraded to STABLE.
At 04:17 +0100 09/11/2002, email@example.com wrote:
> /usr/bin/tar: ./var/dnews/work/dbi.idx: file changed as we read it
> /usr/bin/tar: ./var/run/log: socket ignored
> Total bytes written: 41492480 (40MB, 2.1MB/s)
> /usr/bin/tar: Error exit delayed from previous errors
> Error 2 while archiving /var/tmp/backup/2002-11-09-var.tar
In the same time, backups on NetBSD, with gtar 1.12 ran fine
So I urge you NOT TO upgrade gnutar, unless there is a fix for this new
And, BTW, this "security fix" seems useless to me : the same way you
do not launch EXE files without checking them, you do not install
unknown tarballs without listing them first, don't you ?
First security breech is *always* the user. Forgetting this leads to the
problem we are facing today.
Xavier HUMBERT - Systemes et Reseaux | firstname.lastname@example.org
INJEP | email@example.com