Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3278a561 by Salvatore Bonaccorso at 2019-01-05T21:20:11Z
Add fixed version via unstable for CVE-2018-20482/tar
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4714,7 +4714,7 @@ CVE-2018-20483 (set_file_metadata in xattr.c in GNU Wget
before 1.20.1 stores a
NOTE: Introduced by:
https://git.savannah.gnu.org/cgit/wget.git/commit/?id=a933bdd31eee9c956a3b5cc142f004ef1fa94cb3
(v1.19)
CVE-2018-20482 (GNU Tar through 1.30, when --sparse is used, mishandles file
shrinkage ...)
{DLA-1623-1}
- - tar <unfixed> (bug #917377)
+ - tar 1.30+dfsg-3.1 (bug #917377)
[stretch] - tar <no-dsa> (Minor issue)
NOTE:
https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug
NOTE: https://news.ycombinator.com/item?id=18745431
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3278a561e421d354e852ed9f05cd8bc72dc7a3e1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3278a561e421d354e852ed9f05cd8bc72dc7a3e1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
