Download
| Alert*
|
oval:org.secpod.oval:def:79884
tar: GNU version of the tar archiving utility tar could be made to crash if it received specially crafted file. oval:org.secpod.oval:def:89044117 This update for tar fixes the following issues: CVE-2021-20193: Memory leak in read_header in list.c oval:org.secpod.oval:def:1801968 A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability. oval:org.secpod.oval:def:706352 tar: GNU version of the tar archiving utility tar could be made to crash if it received specially crafted file. oval:org.secpod.oval:def:2106736 Oracle Solaris 11 - ( CVE-2021-20193 ) oval:org.secpod.oval:def:89049444 This update for tar fixes the following issues: CVE-2021-20193: Memory leak in read_header in list.c oval:org.secpod.oval:def:89047405 This update for tar fixes the following issues: - CVE-2021-20193: Fixed a memory leak in read_header in list.c . - CVE-2019-9923: Fixed a null-pointer dereference in pax_decode_header in sparse.c . - CVE-2018-20482: Fixed infinite read loop in sparse_dump_region in sparse.c . - Update to GNU tar 1.3 ... |
