Nome do pacote
libtar
Data
2013-10-18
ID Alerta
MDVSA-2013:253
Versões afetadas
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Descrição do problema

Updated libtar packages fixes security vulnerability:

Two heap-based buffer overflow flaws were found in the way libtar
handled certain archives. If a user were tricked into expanding a
specially-crafted archive, it could cause the libtar executable or an
application using libtar to crash or, potentially, execute arbitrary
code (CVE-2013-4397).

Pacotes atualizados

MES5 i586

 fc5de91cbfbe6ef4887508950228917f  mes5/i586/libtar-1.2.11-8.1mdvmes5.2.i586.rpm
 51344632af14453cbcbe965b7c399f54  mes5/i586/libtar-devel-1.2.11-8.1mdvmes5.2.i586.rpm 
 89a4b3aecbad9877387083d7d8beb338  mes5/SRPMS/libtar-1.2.11-8.1mdvmes5.2.src.rpm

MBS1 x86_64

 ffa99a374bd177f1d2945781c5ef27aa  mbs1/x86_64/libtar-1.2.11-11.1.mbs1.x86_64.rpm
 d9017890822440d08a1c6fea588b58f3  mbs1/x86_64/libtar-devel-1.2.11-11.1.mbs1.x86_64.rpm 
 cf4340715eac00d62d97ce5c242e13d2  mbs1/SRPMS/libtar-1.2.11-11.1.mbs1.src.rpm

MES5 x86_64

 dd7147087f499c1820af6fd133deb67c  mes5/x86_64/libtar-1.2.11-8.1mdvmes5.2.x86_64.rpm
 500ab433962e2858127dc355b4449264  mes5/x86_64/libtar-devel-1.2.11-8.1mdvmes5.2.x86_64.rpm 
 89a4b3aecbad9877387083d7d8beb338  mes5/SRPMS/libtar-1.2.11-8.1mdvmes5.2.src.rpm

Referências