Accepted tar 1.15.91-2ubuntu0.3 (ia64_translations ia64)
Ubuntu Installer
archive at ubuntu.com
Thu Mar 1 07:57:39 GMT 2007
Accepted:
OK: tar_1.15.91-2ubuntu0.3_ia64.deb
OK: tar_1.15.91-2ubuntu0.3_ia64_translations.tar.gz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 24 Nov 2006 12:48:25 -0800
Source: tar
Binary: tar
Architecture: ia64_translations ia64
Version: 1.15.91-2ubuntu0.3
Distribution: edgy-security
Urgency: low
Maintainer: Ubuntu/ia64 Build Daemon <buildd at weddell.buildd>
Changed-By: Kees Cook <kees at ubuntu.com>
Description:
tar - GNU tar
Changes:
tar (1.15.91-2ubuntu0.3) edgy-security; urgency=low
.
* SECURITY UPDATE: files can be overwritten/renamed in any writable location
in the filesystem via GNUTYPE_NAMES type.
* src/extract.c: disable GNUTYPE_NAMES type processing by default since it
allows for immediate symlink creation and renames.
* src/common.h, src/tar.c: add --allow-name-mangling option to restore
default behavior.
* debian/rules: lowered optimization level on i386 for testcase #29.
* References
http://archives.neohapsis.com/archives/fulldisclosure/2006-11/0344.html
CVE-2006-6097
Files:
92549dba7b269ee397c5dfb624231a02 454166 utils required tar_1.15.91-2ubuntu0.3_ia64.deb
71c11d6f4ed7bcce60183c19a171506a 951071 raw-translations - tar_1.15.91-2ubuntu0.3_ia64_translations.tar.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFF5dC90N0xjzyQZEIRAvecAJwKeHshZahVYLraeUc1hUJWsXE45wCfRa5v
DeemOJ6Bv0GrtLpsdYp9P/0=
=2BFS
-----END PGP SIGNATURE-----
More information about the edgy-changes
mailing list