Accepted tar 1.16-1ubuntu1 (source)
Kees Cook
kees at ubuntu.com
Mon Nov 27 23:05:11 GMT 2006
Accepted:
OK: tar_1.16-1ubuntu1.dsc
-> Component: main Section: base
OK: tar_1.16-1ubuntu1.diff.gz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 22 Nov 2006 19:46:54 -0800
Source: tar
Binary: tar
Architecture: source
Version: 1.16-1ubuntu1
Distribution: feisty
Urgency: low
Maintainer: Bdale Garbee <bdale at gag.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description:
tar - GNU tar
Changes:
tar (1.16-1ubuntu1) feisty; urgency=low
.
* SECURITY UPDATE: files can be overwritten/renamed in any writable location
in the filesystem via GNUTYPE_NAMES type.
* src/extract.c: disable GNUTYPE_NAMES type processing by default since it
allows for immediate symlink creation and renames.
* src/common.h, src/tar.c: add --allow-name-mangling option to restore
default behavior.
* References
http://archives.neohapsis.com/archives/fulldisclosure/2006-11/0344.html
Files:
ba6aca87dc81f85fae3780ae9e105031 583 utils required tar_1.16-1ubuntu1.dsc
dec203111843fc33c2596899d1f11783 30453 utils required tar_1.16-1ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFa25Ye9GwFciKvaMRAlYbAJ9aHSegzos0o7MpQb6FFwHkSnhQIwCgoJvN
XhzCfwH5wNk7RNnDja18SEg=
=g5kq
-----END PGP SIGNATURE-----
More information about the feisty-changes
mailing list