Thank you Alex, Steve,
The developer did not respond, so I guess Red Hat Security team decided to act
on the vulnerability advisory.
Thank you guys for following up on this.
---
Carlos
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
Update:
CVE-2021-20193 has been assigned to this vulnerability by Red Hat
Security team.
---
Carlos
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-20193
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Update
This vulnerability has been discussed with the developer.
Developer has released a public fix.
Original Post in GNU TAR Project:
https://savannah.gnu.org/bugs/?59897
Commit with fix:
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777
This thread
