CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2018/06/18 18:43:10
Modified files:
gnu/usr.bin/perl/cpan/Archive-Tar/lib/Archive: Tar.pm
Log message:
Avoid Archive::Tar directory traversal
Addresses CVE-2018-12015
>From Silamael <silamael () coronamundi ! de>
Original bug reports:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900834
https://rt.cpan.org/Public/Bug/Display.html?id=125523
Original commit with the fix:
https://github.com/jib/archive-tar-new/commit/ae65651eab053fc6dc4590dbb863a268215c1fc5
OK bluhm@, they should already be committed! deraadt@
