[Bug 2145764] Re: CVE-2026-33056: Vendored tar crate can chmod arbitrary directories by following symlinks

Brent Kerby Tue, 31 Mar 2026 14:01:00 -0700

Here are the fixes for the `rustc` package, ready for copying:

Noble: 
https://launchpad.net/~rust-toolchain/+archive/ubuntu/staging/+sourcepub/18278525/+listing-archive-extra
Jammy: 
https://launchpad.net/~rust-toolchain/+archive/ubuntu/staging/+sourcepub/18271405/+listing-archive-extra
Focal: 
https://launchpad.net/~rust-toolchain/+archive/ubuntu/staging/+sourcepub/18271467/+listing-archive-extra
Bionic: 
https://launchpad.net/~rust-toolchain/+archive/ubuntu/staging/+sourcepub/18272042/+listing-archive-extra
Xenial: 
https://launchpad.net/~rust-toolchain/+archive/ubuntu/staging/+sourcepub/18272065/+listing-archive-extra
Trusty: 
https://launchpad.net/~rust-toolchain/+archive/ubuntu/staging/+sourcepub/18272130/+listing-archive-extra


-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2145764

Title:
  CVE-2026-33056: Vendored tar crate can chmod arbitrary directories by
  following symlinks

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/asusctl/+bug/2145764/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2145764] Re: CVE-2026-33056: Vendored tar crate can chmod arbitrary directories by following symlinks

Reply via email to