[Savannah-hackers-public] Re: Bug#439335: CVE-2007-4131: GNU tar Directo

savannah-hackers-public

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Savannah-hackers-public] Re: Bug#439335: CVE-2007-4131: GNU tar Directo

From:	Nico Golde
Subject:	[Savannah-hackers-public] Re: Bug#439335: CVE-2007-4131: GNU tar Directory Traversal
Date:	Sun, 9 Sep 2007 14:30:06 +0200

Hi,
* Sylvain Beucler <address@hidden> [2007-09-09 13:56]:
> Was this forwarded to the Stable security team?
> 
> If I'm given a tarball that can replace /etc/passwd, I'd say this is
> grave bug.

This bug is monitored via the security tracker:
http://security-tracker.debian.net/tracker/CVE-2007-4131
So they should be aware of it.
Kind regards
Nico
-- 
Nico Golde - http://ngolde.de - address@hidden - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

pgphBANXZcPpz.pgp
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Savannah-hackers-public] Re: Bug#439335: CVE-2007-4131: GNU tar Directory Traversal, Sylvain Beucler, 2007/09/09
- [Savannah-hackers-public] Re: Bug#439335: CVE-2007-4131: GNU tar Directory Traversal, Nico Golde <=

Prev by Date: [Savannah-hackers-public] Re: Bug#439335: CVE-2007-4131: GNU tar Directory Traversal
Next by Date: [Savannah-hackers-public] Help with reviewing project submissions
Previous by thread: [Savannah-hackers-public] Re: Bug#439335: CVE-2007-4131: GNU tar Directory Traversal
Next by thread: [Savannah-hackers-public] Help with reviewing project submissions
Index(es):
- Date
- Thread