Accepted:
OK: tar_1.15.91-2ubuntu0.3_ia64.deb
OK: tar_1.15.91-2ubuntu0.3_ia64_translations.tar.gz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 24 Nov 2006 12:48:25 -0800
Source: tar
Binary: tar
Architecture: ia64_translations ia64
Version: 1.15.91-2ubuntu0.3
Distribution: edgy-security
Urgency: low
Maintainer: Ubuntu/ia64 Build Daemon <[EMAIL PROTECTED]>
Changed-By: Kees Cook <[EMAIL PROTECTED]>
Description:
tar - GNU tar
Changes:
tar (1.15.91-2ubuntu0.3) edgy-security; urgency=low
.
* SECURITY UPDATE: files can be overwritten/renamed in any writable location
in the filesystem via GNUTYPE_NAMES type.
* src/extract.c: disable GNUTYPE_NAMES type processing by default since it
allows for immediate symlink creation and renames.
* src/common.h, src/tar.c: add --allow-name-mangling option to restore
default behavior.
* debian/rules: lowered optimization level on i386 for testcase #29.
* References
http://archives.neohapsis.com/archives/fulldisclosure/2006-11/0344.html
CVE-2006-6097
Files:
92549dba7b269ee397c5dfb624231a02 454166 utils required
tar_1.15.91-2ubuntu0.3_ia64.deb
71c11d6f4ed7bcce60183c19a171506a 951071 raw-translations -
tar_1.15.91-2ubuntu0.3_ia64_translations.tar.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFF5dC90N0xjzyQZEIRAvecAJwKeHshZahVYLraeUc1hUJWsXE45wCfRa5v
DeemOJ6Bv0GrtLpsdYp9P/0=
=2BFS
-----END PGP SIGNATURE-----
--
edgy-changes mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/edgy-changes
