mirror of
git://slackware.nl/current.git
synced 2024-12-28 09:59:53 +01:00
694953a024
patches/packages/glibc-zoneinfo-2023b-noarch-1_slack15.0.txz: Upgraded.
This package provides the latest timezone updates.
patches/packages/tar-1.34-x86_64-2_slack15.0.txz: Rebuilt.
GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use
of uninitialized memory for a conditional jump. Exploitation to change the
flow of control has not been demonstrated. The issue occurs in from_header
in list.c via a V7 archive in which mtime has approximately 11 whitespace
characters.
Thanks to marav for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-48303
(* Security fix *)
11 lines
395 B
Text
11 lines
395 B
Text
tar: tar (archiving utility)
|
|
tar:
|
|
tar: This is the GNU version of tar, an archiving program designed to store
|
|
tar: and extract files from an archive file known as a tarfile. A tarfile
|
|
tar: may be made on a tape drive, however, it is also common to write a
|
|
tar: tarfile to a normal file.
|
|
tar:
|
|
tar: Slackware's package system uses tarfiles compressed with bzip2, gzip,
|
|
tar: lzip, or xz.
|
|
tar:
|
|
tar:
|