Create an account

Subscribe to LWN

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Weekly edition	Kernel	Security	Distributions	Contact Us	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ	Sponsors

Archive::Tar: directory traversal

Package(s):

Archive-Tar

CVE #(s):

CVE-2007-4829

Created:

December 10, 2008

Updated:

July 22, 2010

Description:

The Archive::Tar perl module, prior to version 1.40, suffers from a directory traversal vulnerability exploitable via a specially-crafted tar file.

Alerts:

CentOS	CESA-2010:0505	2010-07-21
CentOS	CESA-2010:0505	2010-07-12
Red Hat	RHSA-2010:0505-01	2010-07-01
Fedora	FEDORA-2009-7680	2009-07-15
Fedora	FEDORA-2008-11736	2008-12-24
Ubuntu	USN-700-1	2008-12-24
Ubuntu	USN-700-2	2009-01-15
Gentoo	200812-10	2008-12-10

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds