Jump to:

CVE-2019-9923

Jump to:

CVE-2019-9923

Package tar updated to version 1.32-alt1 for branch sisyphus in task 222772.

Published: 2019-03-22
Modified: 2024-11-21

CVE-2019-9923

pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.

Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
openSUSE-SU-2019:1237
http://savannah.gnu.org/bugs/?55369
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
http://savannah.gnu.org/bugs/?55369
openSUSE-SU-2019:1237

Version: 2.1.0

Package tar update in sisyphus on 2019-02-24

ALT-PU-2019-1302-1

Closed vulnerabilities

CVE-2019-9923