Date: Sat, 4 Mar 2006 14:59:42 +0000 (UTC) From: Christian Weisgerber <naddy@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/archivers/gtar Makefile ports/archivers/gtar/files patch-src_xheader.c Message-ID: <200603041459.k24ExgJo048324@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
naddy 2006-03-04 14:59:42 UTC
FreeBSD ports repository
Modified files:
archivers/gtar Makefile
Added files:
archivers/gtar/files patch-src_xheader.c
Log:
Fix a buffer overflow, caused by improper bounds checking of the
PAX extended headers. By tricking a user into processing a specially
crafted tar archive, this could be exploited to execute arbitrary
code with the privileges of the user.
Security: CVE-2006-0300
Approved by: portmgr (erwin)
Obtained from: Ubuntu
Revision Changes Path
1.47 +1 -1 ports/archivers/gtar/Makefile
1.1 +124 -0 ports/archivers/gtar/files/patch-src_xheader.c (new)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200603041459.k24ExgJo048324>