[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug-tar] tar-1.13.92 strips leading or contained './'
|
From: |
Martin Schlemmer |
|
Subject: |
[Bug-tar] tar-1.13.92 strips leading or contained './' |
|
Date: |
Tue, 06 Jan 2004 21:13:38 +0200 |
Hi
As above. Having a path start with './' or containing '/./' is not
a security risk, and even used by some archiving apps as security
measure (like unzip that appends './'). This behaviour breaks reacent
tarballs (among those are tcpdump-3.8.1.tar.gz, and most ones in RH
src.rpm's).
Attached is a possible fix. More info at:
http://bugs.gentoo.org/show_bug.cgi?id=37132
Thanks,
--
Martin Schlemmer
tar-1.13.92-fix-pathstrip.patch
Description: Text Data
signature.asc
Description: This is a digitally signed message part
- [Bug-tar] tar-1.13.92 strips leading or contained './',
Martin Schlemmer <=