Skip to content

Releases: astral-sh/tokio-tar

v0.6.3

v0.6.2

Choose a tag to compare

@zanieb zanieb released this 25 Jun 17:21
Immutable release. Only release title and notes can be modified.
0ec9d6a
  • Avoid desync when mixing extensions #82

v0.6.1

Choose a tag to compare

@woodruffw woodruffw released this 27 Apr 18:23
Immutable release. Only release title and notes can be modified.
59a778a

This release addresses two advisories:

v0.6.0

Choose a tag to compare

@woodruffw woodruffw released this 23 Mar 11:24
1add8c8

What's Changed

This release addresses GHSA-6gx3-4362-rf54.

  • docs: add security considerations to the README and entry::path documentation by @tomasilluminati in #67

New Contributors

Full Changelog: v0.5.6...v0.6.0

v0.5.6

Choose a tag to compare

@woodruffw woodruffw released this 21 Oct 14:27
ae1fc1d
  • Fixed a parser desynchronization vulnerability when reading tar archives that
    contain mismatched size information in PAX/ustar headers.

    This vulnerability is being tracked as GHSA-j5gw-2vrg-8fgx
    and CVE-2025-62518.

v0.5.5

Choose a tag to compare

@woodruffw woodruffw released this 23 Sep 16:51
bf266ff
  • This is a corrective release for 0.5.4 to fix a debugging artifact that
    was accidentally left in the release.

v0.5.4

Choose a tag to compare

@woodruffw woodruffw released this 23 Sep 16:49
8e0c27d

v0.5.2

Choose a tag to compare

@charliermarsh charliermarsh released this 18 Mar 02:24
5a36e95

What's Changed

  • Enable opt-in to deny creation of symlinks outside target directory by @charliermarsh in #46

Full Changelog: v0.5.1...v0.5.2

v0.5.1

Choose a tag to compare

@charliermarsh charliermarsh released this 09 Feb 18:55
86d43db

What's Changed

  • Add test to reproduce issue in impl Stream for Entries causing filename truncation by @charliermarsh in #41
  • Avoid truncation during pending reads by @charliermarsh in #40

Full Changelog: v0.5.0...v0.5.1