Format: 1.7
Date: Thu, 23 Feb 2006 11:07:05 +0100
Source: tar
Binary: tar
Architecture: i386
Version: 1.15.1-2ubuntu1
Distribution: autobuild
Urgency: low
Maintainer: Ubuntu/i386 Build Daemon
Changed-By: Martin Pitt
Description:
 tar - GNU tar
Changes:
 tar (1.15.1-2ubuntu1) dapper; urgency=low
 .
   * SECURITY UPDATE: Arbitrary code execution with crafted tar files.
   * src/xheader.c:
     - Add a new function decode_num() which wraps xstrtoumax() and adds
       boundary and sanity checking.
     - Use decode_num() instead of xstrtoumax() in the code to avoid buffer
       overflows on excessively large field values like GNU.sparse.numblocks.
     - Patch taken from upstream CVS.
   * CVE-2006-0300
Files:
 5ea9395cf4078cf00c602aafc8f51362 518784 base required tar_1.15.1-2ubuntu1_i386.deb