Accepted tar 1.16-2ubuntu0.1 (source)

Ubuntu Installer archive at ubuntu.com
Tue Aug 28 20:58:11 BST 2007


Accepted:
 OK: tar_1.16.orig.tar.gz
 OK: tar_1.16-2ubuntu0.1.diff.gz
 OK: tar_1.16-2ubuntu0.1.dsc
     -> Component: main Section: base

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 28 Aug 2007 09:45:12 -0700
Source: tar
Binary: tar
Architecture: source
Version: 1.16-2ubuntu0.1
Distribution: feisty-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description: 
 tar        - GNU tar
Changes: 
 tar (1.16-2ubuntu0.1) feisty-security; urgency=low
 .
   * SECURITY UPDATE: directory traversal with malicious tar files.
   * src/names.c: adjust dot dot checking, patched inline.
   * References
     CVE-2007-4131
Files: 
 b82b0785568b2443a719ac8893c57a4f 671 utils required tar_1.16-2ubuntu0.1.dsc
 f9dbcc2a923a42bd50de51d85356a384 30764 utils required tar_1.16-2ubuntu0.1.diff.gz
Original-Maintainer: Bdale Garbee <bdale at gag.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG1FiDH/9LqRcGPm0RAmdBAJ4y4DfYKYZ1okICDVB+TGlFYJUFmgCgiBxi
aXzsFQiJMtrtfhlWzy69ydc=
=jjMq
-----END PGP SIGNATURE-----





More information about the feisty-changes mailing list