Download
| Alert*
oval:org.secpod.oval:def:1801285
GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service by modifying a file that is supposed to be archived by a different user"s process . oval:org.secpod.oval:def:1801286 GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service by modifying a file that is supposed to be archived by a different user"s process . oval:org.secpod.oval:def:1801289 GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service by modifying a file that is supposed to be archived by a different user"s process . oval:org.secpod.oval:def:2103511 GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user"s process (e.g., a system ba ... oval:org.secpod.oval:def:70340 tar: GNU version of the tar archiving utility Several security issues were fixed in tar. oval:org.secpod.oval:def:89003270 This update for tar to version 1.27.1 fixes the following issues: tar 1.27.1 brings following changes * Sparse files with large data * No backticks in quoting * --owner and --group names and numbers * Support for POSIX ACLs, extended attributes and SELinux context. * Passing command line arguments ... oval:org.secpod.oval:def:705850 tar: GNU version of the tar archiving utility Several security issues were fixed in tar. oval:org.secpod.oval:def:1900035 GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service by modifying a file that is supposed to be archived by a different user"s process . oval:org.secpod.oval:def:89000375 This update for tar fixes the following issues: Security issues fixed: - CVE-2019-9923: Fixed a denial of service while parsing certain archives with malformed extended headers in pax_decode_header . - CVE-2018-20482: Fixed a denial of service when the "--sparse" option mishandles file shrinkage dur ... oval:org.secpod.oval:def:50591 GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system ba ... oval:org.secpod.oval:def:89047405 This update for tar fixes the following issues: - CVE-2021-20193: Fixed a memory leak in read_header in list.c . - CVE-2019-9923: Fixed a null-pointer dereference in pax_decode_header in sparse.c . - CVE-2018-20482: Fixed infinite read loop in sparse_dump_region in sparse.c . - Update to GNU tar 1.3 ... oval:org.secpod.oval:def:2001000 GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service by modifying a file that is supposed to be archived by a different user"s process . |