* Fix CVE-2015-1197
* Fix CVE-2016-2037
* Fix CVE-2019-14866
* Remove --extract-over-symlinks option again, which was part of an earlier
non-upstream fix for CVE-2015-1197.
Heap-based buffer overflow allows remote rmt servers to cause a
denial of service (memory corruption) or possibly execute arbitrary
code by sending more data than was requested.
with jasper@
* Option --owner can be used in copy-out mode, allowing to uniformly
override ownership of the files being added to the archive.
* Symlinks were handled incorrectly in copy-out mode.
* Fix handling of large files.
* Fix setting the file permissions in copy-out mode.
* Honor umask when creating intermediate directories, not specified
in the archive.
* Improved error checking and diagnostics
* Fixed CAN-1999-1572
* Allow to use --sparse in both copy-in and copy-pass.
* Fix bug that eventually caused copying out the same hard-linked file
several times to archive.
From: Rui Reis
