tar - Arch Linux
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-841 | 1.30-2 | 1.31-1 | Low | Fixed | |
| AVG-64 | 1.29-1 | 1.29-2 | Medium | Fixed | FS#51563 |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2018-20482 | AVG-841 | Low | No | Denial of service | A denial of service issue has been found in GNU Tar versions up to and including 1.30. When creating archives with the --sparse option, tar would loop... |
| CVE-2016-6321 | AVG-64 | Medium | Yes | Arbitrary file overwrite | The GNU tar archiver attempts to avoid path traversal attacks by removing offending parts of the element name at extract. This sanitizing leads to a... |
Advisories
| Date | Advisory | Group | Severity | Description |
|---|---|---|---|---|
| 08 Jan 2019 | ASA-201901-1 | AVG-841 | Low | denial of service |
| 03 Nov 2016 | ASA-201611-11 | AVG-64 | Medium | arbitrary file overwrite |