USN-5900-2: tar vulnerability
22 May 2023
tar could be made to crash or expose sensitive information if it received a specially crafted file.
Releases
Packages
- tar - GNU version of the tar archiving utility
Details
USN-5900-1 fixed vulnerabilities in tar. This update fixes it to Ubuntu 23.04.
Original advisory details:
It was discovered that tar incorrectly handled certain files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-5900-1: tar, tar-scripts