Your submission was sent successfully! Close

USN-709-1: tar vulnerability

15 January 2009

tar vulnerability

Releases

Packages

Details

Dmitry V. Levin discovered a buffer overflow in tar. If a user or automated
system were tricked into opening a specially crafted tar file, an attacker
could crash tar or possibly execute arbitrary code with the privileges of the
user invoking the program.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 7.10
Ubuntu 6.06

In general, a standard system upgrade is sufficient to effect the
necessary changes.

References

Related notices