-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 A malicious tar archive could trigger a Buffer overflow in GNU tar, potentially resulting in the execution of arbitrary code.
Solution: apply this patch to 1.15.1: http://www.gentoo.org/cgi-bin/viewcvs.cgi/*checkout*/app-arch/tar/files/tar-CVE-2006-0300.patch More information: http://www.gentoo.org/security/en/glsa/glsa-200603-06.xml http://bugs.gentoo.org/show_bug.cgi?id=123038 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300 Yaakov -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.1 (Cygwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEEd5VpiWmPGlmQSMRAu5IAKDFtPhW6PLH+ePIJa6C0z5WyfzYKgCeKFIs fj+yeXuEnJjZlOz6tIaqrCI= =tweg -----END PGP SIGNATURE-----
