Nom du paquet
tar
Date
2002-10-10
Advisory ID
MDKSA-2002:066
Affected versions
8.1 i586 , SNF7.2 i586 , CS1.0 i586 , 8.1 i586 , 8.0 i586 , 9.0 i586 , 8.2 i586 , 8.0 i586 , 8.2 i586 , 7.1 i586 , 7.2 i586

Problem description

A directory traversal vulnerability was discovered in GNU tar version 1.13.25 and earlier that allows attackers to overwrite arbitrary files during extraction of the archive by using a ".." (dot dot) in an extracted filename.

Updated packages

8.1 i586

 e2e780f9f79e5584c53bcb0697a17e1b  ia64/8.1/RPMS/tar-1.13.25-6.2mdk.ia64.rpm
5adf700af4dbd0c483e2957a2006bbbe  ia64/8.1/SRPMS/tar-1.13.25-6.2mdk.src.rpm

SNF7.2 i586

 e38601b4cf24280c95110c2bb1295860  snf7.2/RPMS/tar-1.13.25-6.2mdk.i586.rpm
5adf700af4dbd0c483e2957a2006bbbe  snf7.2/SRPMS/tar-1.13.25-6.2mdk.src.rpm

CS1.0 i586

 e38601b4cf24280c95110c2bb1295860  1.0.1/RPMS/tar-1.13.25-6.2mdk.i586.rpm
5adf700af4dbd0c483e2957a2006bbbe  1.0.1/SRPMS/tar-1.13.25-6.2mdk.src.rpm

8.1 i586

 271575323590cc758886bd0381d873c1  8.1/RPMS/tar-1.13.25-6.2mdk.i586.rpm
5adf700af4dbd0c483e2957a2006bbbe  8.1/SRPMS/tar-1.13.25-6.2mdk.src.rpm

8.0 i586

 af16a2a8baa2102e329a9544e5493ab6  8.0/RPMS/tar-1.13.25-6.2mdk.i586.rpm
5adf700af4dbd0c483e2957a2006bbbe  8.0/SRPMS/tar-1.13.25-6.2mdk.src.rpm

9.0 i586

 6486eaafa407b7ee1938b0aa77fecb57  9.0/RPMS/tar-1.13.25-6.2mdk.i586.rpm
5adf700af4dbd0c483e2957a2006bbbe  9.0/SRPMS/tar-1.13.25-6.2mdk.src.rpm

8.2 i586

 b75828f0b5158a86477a044cc79b4de8  8.2/RPMS/tar-1.13.25-6.2mdk.i586.rpm
5adf700af4dbd0c483e2957a2006bbbe  8.2/SRPMS/tar-1.13.25-6.2mdk.src.rpm

8.0 i586

 538e014cf4eb5e88899627a4a7a481df  ppc/8.0/RPMS/tar-1.13.25-6.2mdk.ppc.rpm
5adf700af4dbd0c483e2957a2006bbbe  ppc/8.0/SRPMS/tar-1.13.25-6.2mdk.src.rpm

8.2 i586

 c37e2b421019e126ac3a63ca7aa42cd6  ppc/8.2/RPMS/tar-1.13.25-6.2mdk.ppc.rpm
5adf700af4dbd0c483e2957a2006bbbe  ppc/8.2/SRPMS/tar-1.13.25-6.2mdk.src.rpm

7.1 i586

 e38601b4cf24280c95110c2bb1295860  7.1/RPMS/tar-1.13.25-6.2mdk.i586.rpm
5adf700af4dbd0c483e2957a2006bbbe  7.1/SRPMS/tar-1.13.25-6.2mdk.src.rpm

7.2 i586

 e38601b4cf24280c95110c2bb1295860  7.2/RPMS/tar-1.13.25-6.2mdk.i586.rpm
5adf700af4dbd0c483e2957a2006bbbe  7.2/SRPMS/tar-1.13.25-6.2mdk.src.rpm

References