[Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2018-20482/tar
Salvatore Bonaccorso
carnil at debian.org
Sat Jan 5 21:20:48 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3278a561 by Salvatore Bonaccorso at 2019-01-05T21:20:11Z
Add fixed version via unstable for CVE-2018-20482/tar
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4714,7 +4714,7 @@ CVE-2018-20483 (set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a
NOTE: Introduced by: https://git.savannah.gnu.org/cgit/wget.git/commit/?id=a933bdd31eee9c956a3b5cc142f004ef1fa94cb3 (v1.19)
CVE-2018-20482 (GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage ...)
{DLA-1623-1}
- - tar <unfixed> (bug #917377)
+ - tar 1.30+dfsg-3.1 (bug #917377)
[stretch] - tar <no-dsa> (Minor issue)
NOTE: https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug
NOTE: https://news.ycombinator.com/item?id=18745431
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3278a561e421d354e852ed9f05cd8bc72dc7a3e1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3278a561e421d354e852ed9f05cd8bc72dc7a3e1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190105/398f2b9c/attachment.html>
More information about the debian-security-tracker-commits
mailing list