Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Thu, 10 Oct 2013 17:57:46 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific LinuxFrom: Pat Riehecky Subject: Security ERRATA Moderate: libtar on SL6.x i386/x86_64 MIME-Version: 1.0 Synopsis: Moderate: libtar security update Advisory ID: SLSA-2013:1418-1 Issue Date: 2013-10-10 CVE Numbers: CVE-2013-4397 -- Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding a specially- crafted archive, it could cause the libtar executable or an application using libtar to crash or, potentially, execute arbitrary code. (CVE-2013-4397) Note: This issue only affected 32-bit builds of libtar. -- SL6 x86_64 libtar-1.2.11-17.el6_4.1.x86_64.rpm libtar-debuginfo-1.2.11-17.el6_4.1.x86_64.rpm libtar-1.2.11-17.el6_4.1.i686.rpm libtar-debuginfo-1.2.11-17.el6_4.1.i686.rpm libtar-devel-1.2.11-17.el6_4.1.i686.rpm libtar-devel-1.2.11-17.el6_4.1.x86_64.rpm i386 libtar-1.2.11-17.el6_4.1.i686.rpm libtar-debuginfo-1.2.11-17.el6_4.1.i686.rpm libtar-devel-1.2.11-17.el6_4.1.i686.rpm - Scientific Linux Development Team