Secunia Security Advisory - Ubuntu has issued an update for tar. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) and to compromise a user's system.
4b309af0feff4fdc1020ae2f0ec80a4f3d2acaa96c9b2c45bea9d7f108a5942b
TITLE:
Ubuntu update for tar
SECUNIA ADVISORY ID:
SA18999
VERIFY ADVISORY:
http://secunia.com/advisories/18999/
CRITICAL:
Moderately critical
IMPACT:
DoS, System access
WHERE:
>From remote
OPERATING SYSTEM:
Ubuntu Linux 5.04
http://secunia.com/product/5036/
Ubuntu Linux 5.10
http://secunia.com/product/6606/
DESCRIPTION:
Ubuntu has issued an update for tar. This fixes a vulnerability,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service) and to compromise a user's system.
For more information:
SA18973
SOLUTION:
Apply updated packages.
-- Ubuntu 5.04 --
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.14-2ubuntu0.1.diff.gz
Size/MD5: 21395 1f8f561b862e0eaa1d3d76ab5b0805cc
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.14-2ubuntu0.1.dsc
Size/MD5: 568 1ac96d117355d0c6501bcfc0603d7f35
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.14.orig.tar.gz
Size/MD5: 1485633 3094544702b1affa32d969f0b6459663
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.14-2ubuntu0.1_amd64.deb
Size/MD5: 374144 92a29882b472aae37c4f241a2b3d70b7
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.14-2ubuntu0.1_i386.deb
Size/MD5: 366426 bd8a627f95eea1d4dd38da1b8cb755a2
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.14-2ubuntu0.1_powerpc.deb
Size/MD5: 377108 8d1b6600f06a051dc7236e8e65c2032f
-- Ubuntu 5.10 --
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.1-2ubuntu0.1.diff.gz
Size/MD5: 28928 e545480fd691241448cd885504e50393
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.1-2ubuntu0.1.dsc
Size/MD5: 576 c9d9bf92c8460d314cb3320666b01294
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.1.orig.tar.gz
Size/MD5: 2204322 d87021366fe6488e9dc398fcdcb6ed7d
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.1-2ubuntu0.1_amd64.deb
Size/MD5: 531590 9f7a550698b0a138f4d92ec06ecfec96
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.1-2ubuntu0.1_i386.deb
Size/MD5: 519510 fd362a5872f6924e491e2caf7639162b
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/t/tar/tar_1.15.1-2ubuntu0.1_powerpc.deb
Size/MD5: 533538 c8148419548837909a81da6983af2964
ORIGINAL ADVISORY:
http://www.ubuntu.com/usn/usn-257-1
OTHER REFERENCES:
SA18973:
http://secunia.com/advisories/18973/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------