USN-3132-1: tar vulnerability
USN-3132-1: tar vulnerability Ubuntu Security Notice USN-3132-1 21st November, 2016 tar vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary tar could be made to overwrite files. Software description tar – GNU version of the tar archiving utility Details Harry Sintonen discovered that tar incorrectly handled extracting fileswhen path names are specified on the command line. If a user or automatedsystem were tricked into processing a specially crafted archive, anattacker could possibly overwrite arbitrary files. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.10: tar 1.29b-1ubuntu0.1 Ubuntu 16.04 LTS: tar 1.28-2.1ubuntu0.1 Ubuntu 14.04 LTS: tar 1.27.1-1ubuntu0.1 Ubuntu 12.04 LTS: tar 1.26-4ubuntu1.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update [ more… ]
