This bug was fixed in the package tar - 1.34+dfsg-1.2ubuntu2
---------------
tar (1.34+dfsg-1.2ubuntu2) noble; urgency=medium
* SECURITY UPDATE: stack overflow via crafted xattr (LP: #2029464)
- debian/patches/CVE-2023-39804.patch: allocate xattr keys and values
on the heap rather than the stack in src/xheader.c
- CVE-2023-39804
-- Alex Murray <email address hidden> Tue, 05 Dec 2023 15:39:15 +1030
This bug was fixed in the package tar - 1.34+dfsg- 1.2ubuntu2
--------------- 1.2ubuntu2) noble; urgency=medium
tar (1.34+dfsg-
* SECURITY UPDATE: stack overflow via crafted xattr (LP: #2029464) patches/ CVE-2023- 39804.patch: allocate xattr keys and values
- debian/
on the heap rather than the stack in src/xheader.c
- CVE-2023-39804
-- Alex Murray <email address hidden> Tue, 05 Dec 2023 15:39:15 +1030