This bug was fixed in the package tar - 1.35+dfsg-4ubuntu0.3
---------------
tar (1.35+dfsg-4ubuntu0.3) resolute-security; urgency=medium
* SECURITY REGRESSION: Extract files issue
- debian/patches/CVE-2026-5704-*.patch: address a regression
that makes valid files not extract in src/list.c,
tests/Makefile.am, tests/extrac32.at, tests/extrac34.at,
test/testsuite.at, src/extract.c, tests/extract23,
tests/extrac30.at (LP: #2160650).
-- Leonidas Da Silva Barbosa <[email protected]> Wed, 15 Jul
2026 08:59:43 -0300
** Changed in: tar (Ubuntu)
Status: New => Fix Released
** CVE added: https://cve.org/CVERecord?id=CVE-2026-5704
** Changed in: tar (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2160650
Title:
tar after USN-8477-1 cannot extract previously valid files
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/2160650/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs