Josh Paetzel wrote: > On Tuesday 28 November 2006 11:17, Sergey Matveychuk wrote: >> Please, note: http://secunia.com/advisories/23115/ >> >> A port maintainer CC'ed. > > This is one of those things where the impact is hard to determine > because the link doesn't really give much info. Ok, you can > overwrite arbitrary files.....ANY file? Or just files that the user > running gtar has write access to? If it's the first case then that's > huge. If it's the second case then who really cares. >
I'm sure it's the second case. I think it should care root mostly. But any users dislike too if there is a chance to lost their .login, .bashrc etc. An exploit is available on SecurityFocus. -- Dixi. Sem. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[EMAIL PROTECTED]"
