[SECURITY] Fedora 8 Update: tar-1.17-4.fc8

updates at fedoraproject.org updates at fedoraproject.org
Tue Nov 6 16:05:51 UTC 2007 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-2800
2007-11-06 16:05:46.210414
--------------------------------------------------------------------------------

Name        : tar
Product     : Fedora 8
Version     : 1.17
Release     : 4.fc8
URL         : http://www.gnu.org/software/tar/
Summary     : A GNU file archiving program
Description :
The GNU tar program saves many files together in one archive and can
restore individual files (or all of the files) from that archive. Tar
can also be used to add supplemental files to an archive and to update
or list files in the archive. Tar includes multivolume support,
automatic archive compression/decompression, the ability to perform
remote archives, and the ability to perform incremental and full
backups.

If you want to use tar for remote backups, you also need to install
the rmt package.

--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 24 2007 Radek Brich <rbrich at redhat.com> 2:1.17-4
- upstream patch for CVE-2007-4476
  (tar stack crashing in safer_name_suffix)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #280961 - CVE-2007-4476 tar stack crashing in safer_name_suffix
        https://bugzilla.redhat.com/show_bug.cgi?id=280961
  [ 2 ] CVE-2007-4476
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4476
--------------------------------------------------------------------------------
Updated packages:

9aa3db9f88424567eea01781c179b161f7a3ead0 tar-1.17-4.fc8.ppc64.rpm
9b027c40cdee9ba25102ff682956398cb94aace9 tar-debuginfo-1.17-4.fc8.ppc64.rpm
ee8f37d014a168a4e0446ab362801aa64e6e7175 tar-debuginfo-1.17-4.fc8.i386.rpm
bc7af5ac1e50c4fb5c9ad01268575e32cb63c569 tar-1.17-4.fc8.i386.rpm
63aafa7ff75aa7199be1f73959584cfff5992d2f tar-1.17-4.fc8.x86_64.rpm
2a21b51d787b0505441ee87eac3007c402757ad8 tar-debuginfo-1.17-4.fc8.x86_64.rpm
39bedd9860414c1869aa141819e7e87b7c0377c5 tar-1.17-4.fc8.ppc.rpm
04d638d90d0801b3c0f963a44d5f5cc0e8e57009 tar-debuginfo-1.17-4.fc8.ppc.rpm
8910e138a6c01fe2f7034bd7f8f63e4b9e635e5d tar-1.17-4.fc8.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update tar' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

More information about the package-announce mailing list