Accepted tar 1.15.91-2ubuntu0.4 (source)
Ubuntu Installer
archive at ubuntu.com
Tue Aug 28 20:58:02 BST 2007
Accepted:
OK: tar_1.15.91.orig.tar.gz
OK: tar_1.15.91-2ubuntu0.4.diff.gz
OK: tar_1.15.91-2ubuntu0.4.dsc
-> Component: main Section: base
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 28 Aug 2007 09:45:12 -0700
Source: tar
Binary: tar
Architecture: source
Version: 1.15.91-2ubuntu0.4
Distribution: edgy-security
Urgency: low
Maintainer: Bdale Garbee <bdale at gag.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description:
tar - GNU tar
Changes:
tar (1.15.91-2ubuntu0.4) edgy-security; urgency=low
.
* SECURITY UPDATE: directory traversal with malicious tar files.
* src/names.c: adjust dot dot checking, patched inline.
* References
CVE-2007-4131
Files:
31b32f0fc8de2c1831c4fe5ee08605fe 596 utils required tar_1.15.91-2ubuntu0.4.dsc
137870e841e8747620d21dcd74c53605 17154 utils required tar_1.15.91-2ubuntu0.4.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFG1FiDH/9LqRcGPm0RAmK3AKCD9FK9moDryvKvffN0QyXOwSBlowCfT0/b
OVB6X3qp8wDbd6z35i9yjMM=
=i7/2
-----END PGP SIGNATURE-----
More information about the edgy-changes
mailing list