Comment 8 for bug 180299

In , Tomas (tomas-redhat-bugs) wrote :

Common Vulnerabilities and Exposures assigned an identifier CVE-2007-4476
to the following vulnerability:

A bug in the safer_name_suffix function in GNU tar may lead to a "crashing
stack". It can be used to crash tar while extracting an archive containing a
file with a long name containing an unsafe prefix.

The affected function is also part of the cpio source code.

References:

http://www.novell.com/linux/security/advisories/2007_18_sr.html
http://lists.gnu.org/archive/html/bug-cpio/2007-08/msg00002.html