[Bug-tar] http://seclists.org/fulldisclosure/2016/Oct/96

bug-tar

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-tar] http://seclists.org/fulldisclosure/2016/Oct/96

From:	Somchai Smythe
Subject:	[Bug-tar] http://seclists.org/fulldisclosure/2016/Oct/96
Date:	Fri, 28 Oct 2016 14:49:36 +0700

FYI,

Just in case nobody informed you, the notice at:

http://seclists.org/fulldisclosure/2016/Oct/96

claims tar 1.29 is vulnerable.  I have been checking what I assume is
the git master archive for any fix here:

http://git.savannah.gnu.org/cgit/tar.git

and the mailing list here:

http://lists.gnu.org/archive/html/bug-tar/

And nothing is there about this that I can find, so I wonder if maybe
nobody has informed you about it?  Maybe you fixed it and I didn't
realize the fix was for this problem?  If so, what git commit should I
create a patch from to get the fix?

Thanks!

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-tar] http://seclists.org/fulldisclosure/2016/Oct/96, Somchai Smythe <=
- Re: [Bug-tar] http://seclists.org/fulldisclosure/2016/Oct/96, Joerg Schilling, 2016/10/28

Prev by Date: Re: [Bug-tar] /usr/sfw/bin/gtar: Cannot utime: Invalid argument
Next by Date: Re: [Bug-tar] http://seclists.org/fulldisclosure/2016/Oct/96
Previous by thread: [Bug-tar] /usr/sfw/bin/gtar: Cannot utime: Invalid argument
Next by thread: Re: [Bug-tar] http://seclists.org/fulldisclosure/2016/Oct/96
Index(es):
- Date
- Thread