[Secure-testing-commits] r25759 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Feb 15 21:35:30 UTC 2014


Author: carnil
Date: 2014-02-15 21:35:30 +0000 (Sat, 15 Feb 2014)
New Revision: 25759

Modified:
   data/CVE/list
Log:
Add fixed version for CVE-2013-4420/libtar

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-02-15 21:13:43 UTC (rev 25758)
+++ data/CVE/list	2014-02-15 21:35:30 UTC (rev 25759)
@@ -11306,7 +11306,7 @@
 	NOTE: https://secure.ucc.asn.au/hg/dropbear/rev/0bf76f54de6f
 CVE-2013-4420 [tar_extract_glob and tar_extract_all path prefix directory traversal]
 	RESERVED
-	- libtar <unfixed> (bug #731860)
+	- libtar 1.2.20-2 (bug #731860)
 CVE-2013-4419 (The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when ...)
 	- libguestfs 1:1.22.7-1
 	[wheezy] - libguestfs 1:1.18.1-1+deb7u3




More information about the Secure-testing-commits mailing list