USN-5900-1: tar vulnerability
28 February 2023
tar could be made to crash or expose sensitive information if it received a specially crafted file.
Releases
Packages
- tar - GNU version of the tar archiving utility
Details
It was discovered that tar incorrectly handled certain files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.10
Ubuntu 22.04
Ubuntu 20.04
Ubuntu 18.04
Ubuntu 16.04
-
tar
-
1.28-2.1ubuntu0.2+esm2
Available with Ubuntu Pro
Ubuntu 14.04
-
tar
-
1.27.1-1ubuntu0.1+esm3
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-5900-2: tar-scripts, tar