[Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2018-20482/tar

Salvatore Bonaccorso carnil at debian.org
Sat Jan 5 21:20:48 GMT 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3278a561 by Salvatore Bonaccorso at 2019-01-05T21:20:11Z
Add fixed version via unstable for CVE-2018-20482/tar

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4714,7 +4714,7 @@ CVE-2018-20483 (set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a
 	NOTE: Introduced by: https://git.savannah.gnu.org/cgit/wget.git/commit/?id=a933bdd31eee9c956a3b5cc142f004ef1fa94cb3 (v1.19)
 CVE-2018-20482 (GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage ...)
 	{DLA-1623-1}
-	- tar <unfixed> (bug #917377)
+	- tar 1.30+dfsg-3.1 (bug #917377)
 	[stretch] - tar <no-dsa> (Minor issue)
 	NOTE: https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug
 	NOTE: https://news.ycombinator.com/item?id=18745431



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3278a561e421d354e852ed9f05cd8bc72dc7a3e1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3278a561e421d354e852ed9f05cd8bc72dc7a3e1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190105/398f2b9c/attachment.html>


More information about the debian-security-tracker-commits mailing list