#1926: Security vulnerability in tar --------------------+------------------------------------------------------- Reporter: Viper | Owner: [email protected] Type: task | Status: new Priority: normal | Milestone: 6.3 Component: Book | Version: SVN Severity: normal | Resolution: Keywords: | --------------------+------------------------------------------------------- Changes (by [EMAIL PROTECTED]):
* milestone: => 6.3 * summary: bug in tar => Security vulnerability in tar Comment: Thanks. For reference, this is CVE-2006-6097 (http://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2006-6097). Upstream would appear to favour a different approach than that taken by the patch you linked to. See http://lists.gnu.org/archive/html/bug- tar/2006-11/msg00030.html, where it appears that they're going to remove mangle.c. I'd prefer to wait until upstream publish their recommended patch. -- Ticket URL: <http://wiki.linuxfromscratch.org/lfs/ticket/1926> LFS Trac <http://wiki.linuxfromscratch.org/lfs/> Linux From Scratch: Your Distro, Your Rules. -- http://linuxfromscratch.org/mailman/listinfo/lfs-book FAQ: http://www.linuxfromscratch.org/lfs/faq.html Unsubscribe: See the above information page
