Ubuntu Security Notice USN-257-1 - Jim Meyering discovered that tar did not properly verify the validity of certain header fields in a GNU tar archive. By tricking an user into processing a specially crafted tar archive, this could be exploited to execute arbitrary code with the privileges of the user.
f278b8de3efefa0e1abe7ac7bc7a1a3cdc508ea219eb209035d7748efdac5d67