cvs commit: ports/archivers/gtar Makefile ports/archivers/gtar/files
patch-src_xheader.c
Christian Weisgerber
naddy at FreeBSD.org
Sat Mar 4 06:59:43 PST 2006
naddy 2006-03-04 14:59:42 UTC
FreeBSD ports repository
Modified files:
archivers/gtar Makefile
Added files:
archivers/gtar/files patch-src_xheader.c
Log:
Fix a buffer overflow, caused by improper bounds checking of the
PAX extended headers. By tricking a user into processing a specially
crafted tar archive, this could be exploited to execute arbitrary
code with the privileges of the user.
Security: CVE-2006-0300
Approved by: portmgr (erwin)
Obtained from: Ubuntu
Revision Changes Path
1.47 +1 -1 ports/archivers/gtar/Makefile
1.1 +124 -0 ports/archivers/gtar/files/patch-src_xheader.c (new)
More information about the cvs-ports
mailing list