Source: tar Version: 1.34+dfsg-1 Severity: important Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi, The following vulnerability was published for tar. CVE-2023-39804[0]: | Incorrectly handled extension attributes in PAX archives can lead to | a crash If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-39804 https://www.cve.org/CVERecord?id=CVE-2023-39804 [1] https://git.savannah.gnu.org/cgit/tar.git/commit/?id=a339f05cd269013fa133d2f148d73f6f7d4247e4 Regards, Salvatore