Thanks I have updated the status of this CVE in the Ubuntu CVE tracker.
** Changed in: tar (Ubuntu)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
This issue has sat with a status of 'Incomplete' for over four years now
without any response so it is being closed. The upstream bug report is
still open although this feature is unlikely to be implemented by either
Mozilla or Ubuntu.
Closing as "Invalid" but probably should be "Won't Fix".
**
Update to my comment, issue is applicable to versions prior to 1.32 of
TAR. Be that as it may, Jammy is not affected.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1810241
Title:
NULL
This issue is shown as Open on Jammy. The CVE is applicable to 1.32 and
prior versions of TAR. Jammy uses 1.34, so this status should be not
affected or closed. This was fixed in Focal in
1.30+dfsg-7ubuntu0.20.04.1. Please update the CVE status on Jammy.
--
You received this bug notification