Ubuntu
tar package

tar 1.15.1-2ubuntu2.3 source package in Ubuntu

Changelog

tar (1.15.1-2ubuntu2.3) dapper-security; urgency=low

  * SECURITY UPDATE: stack-based buffer overflow with malicious tar files
    - src/names.c: updated src/names.c to rewrite hash_string_prefix as
      hash_string_insert_prefix and adjust safer_name_suffix to use
      hash_string_insert_prefix to avoid stack allocation
    - patch from upstream paxlib commits:
      http://git.savannah.gnu.org/gitweb/?p=paxutils.git;a=commitdiff;h=b9199bbdefd32382953dd8c01ec881e5463c5a88
      http://git.savannah.gnu.org/gitweb/?p=paxutils.git;a=commitdiff;h=64379227940699a92113e3fd7c583e705a1f849b
    - CVE-2007-4476
    - LP: #180299
  * adjust tests/pipe.at pipe the output from `tar xfv' through sort and
    regenerate tests/testsuite with autom4ke to get tests working again (how
    did it ever successfully build before?)

 -- Jamie Strandboge <email address hidden>   Wed, 14 Jan 2009 09:10:49 -0600

Upload details

Uploaded by:
Jamie Strandboge
Uploaded to:
Dapper
Original maintainer:
Bdale Garbee
Architectures:
any
Section:
base
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
tar_1.15.1.orig.tar.gz 2.1 MiB bb50c8272591ce4345b436f77b6010d4aa938486dd46baa297a8ad8815a43d55
tar_1.15.1-2ubuntu2.3.diff.gz 30.4 KiB 04414f1e0432e3ea16544aaaddffedcab2711915c8c6833b321f91961da4b46e
tar_1.15.1-2ubuntu2.3.dsc 582 bytes 9d935b1545a9344c15b792d832596512c81981e6d12fbe0d63ba9764865d306e

View changes file

Binary packages built by this source

tar: No summary available for tar in ubuntu dapper.

No description available for tar in ubuntu dapper.