Hosting Provided By

Re: Bug#439335: CVE-2007-4131: GNU tar Directory Traversal

From: <paddy(at)panici.net>
Date: Wed Dec 19 2007 - 17:51:35 EST

previously ...

Nico Golde <nion@debian.org> [Sun, 9 Sep 2007 14:30:06 +0200]:
> Hi,
> * Sylvain Beucler <beuc@gnu.org> [2007-09-09 13:56]:
> > Was this forwarded to the Stable security team?
> >
> > If I'm given a tarball that can replace /etc/passwd, I'd say this is
> > grave bug.
>
> This bug is monitored via the security tracker:
> http://security-tracker.debian.net/tracker/CVE-2007-4131
> So they should be aware of it.

just noticed this going past in an osx update and had a "what ever happenned to that?" moment.

Regards,
Paddy

-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Received on Wed Dec 19 17:55:02 2007

This message: [ Message body ]
Next message: Stephen Gran: "Re: [SECURITY] [DSA 1435-1] New clamav packages fix several vulnerabilities"
Previous message: Dominic Hargreaves: "Re: [SECURITY] [DSA 1435-1] New clamav packages fix several vulnerabilities"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 06:54:37 EDT