tar
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Utility used to store, backup, and transport files |
| Version | 1.35-2 [core] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1462 | 1.33-1 | 1.34-1 | Low | Fixed | |
| AVG-841 | 1.30-2 | 1.31-1 | Low | Fixed | |
| AVG-64 | 1.29-1 | 1.29-2 | Medium | Fixed | FS#51563 |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-20193 | AVG-1462 | Low | No | Denial of service | An issue was discovered in GNU Tar before version 1.34. There is a memory leak in read_header() in list.c in the tar application. |
| CVE-2018-20482 | AVG-841 | Low | No | Denial of service | A denial of service issue has been found in GNU Tar versions up to and including 1.30. When creating archives with the --sparse option, tar would loop... |
| CVE-2016-6321 | AVG-64 | Medium | Yes | Arbitrary file overwrite | The GNU tar archiver attempts to avoid path traversal attacks by removing offending parts of the element name at extract. This sanitizing leads to a... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 27 Feb 2021 | ASA-202102-41 | AVG-1462 | Low | denial of service |
| 08 Jan 2019 | ASA-201901-1 | AVG-841 | Low | denial of service |
| 03 Nov 2016 | ASA-201611-11 | AVG-64 | Medium | arbitrary file overwrite |