=========================================================================Ubuntu Security Notice USN-5329-1
March 15, 2022

tar vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

tar could be made to crash if it received specially crafted
file.

Software Description:
- tar: GNU version of the tar archiving utility

Details:

It was discovered that tar incorrectly handled certain files.
An attacker could possibly use this issue to cause tar to crash,
resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
   tar                             1.30+dfsg-7ubuntu0.20.04.2

Ubuntu 18.04 LTS:
   tar                             1.29b-2ubuntu0.3

Ubuntu 16.04 ESM:
   tar                             1.28-2.1ubuntu0.2+esm1

Ubuntu 14.04 ESM:
   tar                             1.27.1-1ubuntu0.1+esm2

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-5329-1
   CVE-2021-20193

Package Information:
   https://launchpad.net/ubuntu/+source/tar/1.30+dfsg-7ubuntu0.20.04.2
   https://launchpad.net/ubuntu/+source/tar/1.29b-2ubuntu0.3

Ubuntu 5329-1: tar vulnerability

March 15, 2022
tar could be made to crash if it received specially crafted file.

Summary

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: tar 1.30+dfsg-7ubuntu0.20.04.2 Ubuntu 18.04 LTS: tar 1.29b-2ubuntu0.3 Ubuntu 16.04 ESM: tar 1.28-2.1ubuntu0.2+esm1 Ubuntu 14.04 ESM: tar 1.27.1-1ubuntu0.1+esm2 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5329-1

CVE-2021-20193

Severity
March 15, 2022

Package Information

https://launchpad.net/ubuntu/+source/tar/1.30+dfsg-7ubuntu0.20.04.2 https://launchpad.net/ubuntu/+source/tar/1.29b-2ubuntu0.3