[Dump-announce] Dump/restore 0.4b51 release

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi everyone,

You didn't expect to hear from me again so soon but dump0.4b51 has been 
released today.

There was a potential buffer overflow introduced in restore in version 
0.4b48 (sorry!).

This doesn't affect dump and there's no problem continuing to use 0.4b48 
through 0.4b50 for backups, but people should consider upgrading to 
0.4b51 if they're restoring critical files.

Chances are, if you trip over this bug, restore will fail in obvious 
ways, but due to the nature of buffer overflows, it's possible that the 
only symptom will be a silently corrupted restored file.

You are less likely to have a problem if the tape is compressed (using 
dump's compression).

Special thankyou to Michael Orlitzky who has been porting dump to the 
musl standard library who encountered this and has been invaluable in 
helping track down this issue which I could not reproduce locally. Only 
once we'd worked out where the problem was did I manage to trigger a 
failure in valgrind.

Tim.