Date: Tue, 28 Nov 2006 13:33:32 -0600 From: Josh Paetzel <josh@tcbug.org> To: freebsd-security@freebsd.org Cc: Sergey Matveychuk <sem@freebsd.org> Subject: Re: GNU Tar vulnerability Message-ID: <200611281333.32259.josh@tcbug.org> In-Reply-To: <456C6F30.2090904@FreeBSD.org> References: <456C6F30.2090904@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday 28 November 2006 11:17, Sergey Matveychuk wrote: > Please, note: http://secunia.com/advisories/23115/ > > A port maintainer CC'ed. This is one of those things where the impact is hard to determine because the link doesn't really give much info. Ok, you can overwrite arbitrary files.....ANY file? Or just files that the user running gtar has write access to? If it's the first case then that's huge. If it's the second case then who really cares. -- Thanks, Josh Paetzel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200611281333.32259.josh>