Thanks I have updated the status of this CVE in the Ubuntu CVE tracker.
** Changed in: tar (Ubuntu)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tar in Ubuntu.
https://bugs.launchpad.
Update to my comment, issue is applicable to versions prior to 1.32 of
TAR. Be that as it may, Jammy is not affected.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tar in Ubuntu.
https://bugs.launchpad.net/bugs/1810241
Tit
This issue is shown as Open on Jammy. The CVE is applicable to 1.32 and
prior versions of TAR. Jammy uses 1.34, so this status should be not
affected or closed. This was fixed in Focal in
1.30+dfsg-7ubuntu0.20.04.1. Please update the CVE status on Jammy.
--
You received this bug notification
** Changed in: tar (Ubuntu)
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tar in Ubuntu.
https://bugs.launchpad.net/bugs/1810241
Title:
NULL dereference when decompressing specially crafte
** Changed in: tar (Ubuntu)
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tar in Ubuntu.
https://bugs.launchpad.net/bugs/1810241
Title:
NULL dereference when decompressing specially crafted a
Use CVE-2019-9923.
Thanks
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-9923
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tar in Ubuntu.
https://bugs.launchpad.net/bugs/1810241
Title:
NULL dereferen
The attachment "patch against git head" seems to be a patch. If it
isn't, please remove the "patch" flag from the attachment, remove the
"patch" tag, and if you are a member of the ~ubuntu-reviewers,
unsubscribe the team.
[This is an automated message performed by a Launchpad user owned by
~brian
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tar in Ubuntu.
https://bugs.launchpad.net/bugs/1810241
Title:
NULL dereference when decompressing speciall
8 matches
Mail list logo