Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 601
Alerts This Week
Warning Icon 1 601

Ubuntu 23.04 USN-5900-2 Severe: tar Information Exposure Risk

ubuntu
Calendar Grey May 22, 2023
Dist Ubuntu Esm H88
The Ubuntu Security Notice USN-5900-2 highlights a vulnerability in tar that can lead to the unauthorized exposure of sensitive information.
tar could be made to crash or expose sensitive information if it received a specially crafted file.

Summary

tar could be made to crash or expose sensitive information

if it received a specially crafted file.

Software Description:

- tar: GNU version of the tar archiving utility

Details:

USN-5900-1 fixed vulnerabilities in tar. This update fixes it to Ubuntu 23.04.

Original advisory details:

It was discovered that tar incorrectly handled certain files.

An attacker could possibly use this issue to expose sensitive information

or cause a crash.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.04:
  tar                             1.34+dfsg-1.2ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5900-2

https://ubuntu.com/security/notices/USN-5900-1

CVE-2022-48303

Severity
critical
Lowest
Low
Medium
High
Critical

May 22, 2023

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.