Parent Directory | Revision Log
MGASA-2019-0034: tar-1.31-1.mga6
1 | type: security |
2 | subject: GNU tar has been updated to fix CVE-2018-20482 |
3 | CVE: |
4 | - CVE-2018-20482 |
5 | src: |
6 | 6: |
7 | core: |
8 | - tar-1.31-1.mga6 |
9 | description: | |
10 | GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage |
11 | during read access, which allows local users to cause a denial of |
12 | service (infinite read loop in sparse_dump_region in sparse.c) by |
13 | modifying a file that is supposed to be archived by a different user's |
14 | process (e.g., a system backup running as root). |
15 | references: |
16 | - https://bugs.mageia.org/show_bug.cgi?id=24117 |
17 | - https://lists.gnu.org/archive/html/bug-tar/2019-01/msg00000.html |
18 | ID: MGASA-2019-0034 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |