Currently the ~arch version of tar is broken on uclibc/x86. No idea if other arches are also affected. It renders a system useless by unpacking the binary packages without *any* permissions.
The way this package breaks and the steps to reproduce are easy. First make a backup of a good tar binary. merge the .91 and simply extract a tarball which contains ../../ style symlinks. Any file which contains the ../../ style symlinks will be extracted as a 0 byte file with the perms of 0000 For testing I used the libc itself. This package is p.masked in our uclibc profiles top level now.
*** Bug 143206 has been marked as a duplicate of this bug. ***
Same thing happens with tar-1.16-r2, current stable. Please mask >=app-arch/tar-1.15.91 for uClibc.
(In reply to comment #3) > Same thing happens with tar-1.16-r2, current stable. Please mask > >=app-arch/tar-1.15.91 for uClibc. Done.
*** Bug 157290 has been marked as a duplicate of this bug. ***
not a bug in tar, uClibc's stat() function screws up nano seconds in the time struct
Created attachment 103765 [details] stat test showing nsec's being garbage
ive fixed this in 0.9.28.1
(In reply to comment #4) > (In reply to comment #3) > > Same thing happens with tar-1.16-r2, current stable. Please mask > > >=app-arch/tar-1.15.91 for uClibc. > > Done. > As the bug is fixed in uclibc, can you unmask tar in profiles/uclibc/package.mask ? thanks in advance, Aurélien