aru Posted February 22, 2006 Report Share Posted February 22, 2006 Mandriva Advisories MDKSA-2006:046 : tar Updated tar packages fix vulnerability February 21st, 2006 Gnu tar versions 1.14 and above have a buffer overflow vulnerability and some other issues including: - Carefully crafted invalid headers can cause buffer overrun. - Invalid header fields go undiagnosed. - Some valid time strings are ignored. The updated packages have been patched to address this issue. The released versions of Mandriva GNU/Linux affected are: 10.1 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:046 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts