tar

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Utility used to store, backup, and transport files
Version 1.32-1 [core]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-841 1.30-2 1.31-1 Low Fixed
AVG-64 1.29-1 1.29-2 Medium Fixed FS#51563
Issue Group Severity Remote Type Description
CVE-2018-20482 AVG-841 Low No Denial of service
A denial of service issue has been found in GNU Tar versions up to and including 1.30. When creating archives with the --sparse option, tar would loop...
CVE-2016-6321 AVG-64 Medium Yes Arbitrary file overwrite
The GNU tar archiver attempts to avoid path traversal attacks by removing offending parts of the element name at extract. This sanitizing leads to a...

Advisories

Date Advisory Group Severity Description
08 Jan 2019 ASA-201901-1 AVG-841 Low denial of service
03 Nov 2016 ASA-201611-11 AVG-64 Medium arbitrary file overwrite