Re: [gentoo-dev] Re: RFC: lzma tarball usage

2008-05-09 Thread James Cloos
> "Doug" == Doug Goldstein <[EMAIL PROTECTED]> writes: Doug> If you read the lzma changelogs, it appears to imply that newer Doug> ones won't be able to read older formats. The changelog Doug> specifically states if a user they are handling the issue Doug> "gracefully" by telling the user to u

[gentoo-dev] Re: RFC: lzma tarball usage

2008-05-08 Thread Ryan Hill
On Thu, 08 May 2008 09:17:08 -0400 Doug Goldstein <[EMAIL PROTECTED]> wrote: > Ryan Hill wrote: > > The new lzma-utils codebase uses liblzma, written in C. It's at the > > alpha stage but supposedly supports encoding/decoding the current > > lzma format "well enough" (;P). It probably has some f

Re: [gentoo-dev] Re: RFC: lzma tarball usage

2008-05-08 Thread Robert Buchholz
On Thursday 08 May 2008, Doug Goldstein wrote: > Additionally to follow myself up, I believe one of the security > issues was execution of arbitrary data either when untarred or just > decompressed (assuming a specially crafted lzma file). Can you please point me to the location where this is men

[gentoo-dev] Re: RFC: lzma tarball usage

2008-05-08 Thread Diego 'Flameeyes' Pettenò
Ciaran McCreesh <[EMAIL PROTECTED]> writes: > You miss my point. GNU tar sometimes changes its on disk format (and > will be doing so again at some point for xattrs) It's not really important to the discussion, but... The TAR format is designed as such that on disk formats can be extended withou

Re: [gentoo-dev] Re: RFC: lzma tarball usage

2008-05-08 Thread Doug Goldstein
Ciaran McCreesh wrote: On Thu, 08 May 2008 09:32:34 -0400 Doug Goldstein <[EMAIL PROTECTED]> wrote: Ciaran McCreesh wrote: On Thu, 08 May 2008 09:17:08 -0400 Doug Goldstein <[EMAIL PROTECTED]> wrote: It's troubling to me that projects are using lzma when its on disk format isn'

Re: [gentoo-dev] Re: RFC: lzma tarball usage

2008-05-08 Thread Doug Goldstein
Doug Goldstein wrote: Ciaran McCreesh wrote: On Thu, 08 May 2008 09:17:08 -0400 Doug Goldstein <[EMAIL PROTECTED]> wrote: It's troubling to me that projects are using lzma when its on disk format isn't even final and the project has security issues. You mean projects like 'GNU tar'?

Re: [gentoo-dev] Re: RFC: lzma tarball usage

2008-05-08 Thread Ciaran McCreesh
On Thu, 08 May 2008 09:32:34 -0400 Doug Goldstein <[EMAIL PROTECTED]> wrote: > Ciaran McCreesh wrote: > > On Thu, 08 May 2008 09:17:08 -0400 > > Doug Goldstein <[EMAIL PROTECTED]> wrote: > >> It's troubling to me that projects are using lzma when its on disk > >> format isn't even final and the pr

Re: [gentoo-dev] Re: RFC: lzma tarball usage

2008-05-08 Thread Doug Goldstein
Ciaran McCreesh wrote: On Thu, 08 May 2008 09:17:08 -0400 Doug Goldstein <[EMAIL PROTECTED]> wrote: It's troubling to me that projects are using lzma when its on disk format isn't even final and the project has security issues. You mean projects like 'GNU tar'? As far as I know Ci

Re: [gentoo-dev] Re: RFC: lzma tarball usage

2008-05-08 Thread Ciaran McCreesh
On Thu, 08 May 2008 09:17:08 -0400 Doug Goldstein <[EMAIL PROTECTED]> wrote: > It's troubling to me that projects are using lzma when its on disk > format isn't even final and the project has security issues. You mean projects like 'GNU tar'? -- Ciaran McCreesh

Re: [gentoo-dev] Re: RFC: lzma tarball usage

2008-05-08 Thread Doug Goldstein
Ryan Hill wrote: On Wed, 07 May 2008 16:23:12 +0300 Mart Raudsepp <[EMAIL PROTECTED]> wrote: Hello, Over the course of this year, a lzma-utils buildtime dependency has been added to a few system packages, to handle .tar.lzma tarballs. This has huge implications on the requirement of the sys

[gentoo-dev] Re: RFC: lzma tarball usage

2008-05-08 Thread Ulrich Mueller
> On Thu, 08 May 2008, Diego 'Flameeyes' Pettenò wrote: >>> So it would also be possible to compile "lzmadec" without any need >>> for C++. Just call "make" in subdirs liblzmadec and lzmadec. >> >> What about USE=decode-only or something similar for lzma-utils, >> then? If desired, it could e

[gentoo-dev] Re: RFC: lzma tarball usage

2008-05-08 Thread Diego 'Flameeyes' Pettenò
Graham Murray <[EMAIL PROTECTED]> writes: > Should that be USE=-cxx? The help for USE=cxx says that this builds > support for C++. It was meant as setting a cxx USE on the ebuild, I wasn't certainly meaning to disable the C++ parts with USE=cxx enabled ;) -- Diego "Flameeyes" Pettenò http://blo

Re: [gentoo-dev] Re: RFC: lzma tarball usage

2008-05-08 Thread Graham Murray
[EMAIL PROTECTED] (Diego 'Flameeyes' Pettenò) writes: > USE=cxx should do just fine, it will disable the C++-related parts, > whatever they are. Sincerely I'd quite like to enable it on my vserver's > build chroots too. Should that be USE=-cxx? The help for USE=cxx says that this builds support f

[gentoo-dev] Re: RFC: lzma tarball usage

2008-05-08 Thread Diego 'Flameeyes' Pettenò
Duncan <[EMAIL PROTECTED]> writes: >> So it would also be possible to compile "lzmadec" without any need for >> C++. Just call "make" in subdirs liblzmadec and lzmadec. > > What about USE=decode-only or something similar for lzma-utils, then? If > desired, it could even be masked on "normal" pro

[gentoo-dev] Re: RFC: lzma tarball usage

2008-05-08 Thread Duncan
Ulrich Mueller <[EMAIL PROTECTED]> posted [EMAIL PROTECTED], excerpted below, on Wed, 07 May 2008 16:55:39 +0200: > The decoder of lzma-utils is also written in C only. > > So it would also be possible to compile "lzmadec" without any need for > C++. Just call "make" in subdirs liblzmadec and lz

[gentoo-dev] Re: RFC: lzma tarball usage

2008-05-07 Thread Ryan Hill
On Wed, 07 May 2008 16:23:12 +0300 Mart Raudsepp <[EMAIL PROTECTED]> wrote: > Hello, > > Over the course of this year, a lzma-utils buildtime dependency has > been added to a few system packages, to handle .tar.lzma tarballs. > This has huge implications on the requirement of the system toolchain