diff options
author | Christian Weisgerber <naddy@FreeBSD.org> | 2007-09-01 16:04:23 +0000 |
---|---|---|
committer | Christian Weisgerber <naddy@FreeBSD.org> | 2007-09-01 16:04:23 +0000 |
commit | 7ff7ed0c2159f7c51b01b70a83d90e432af220cd (patch) | |
tree | f02d172e29a6874a343e0fbf6d00464bdb42871a /security/vuxml/vuln.xml | |
parent | 89a513d4c65a6909b3d155e39a9311347ec53ac8 (diff) | |
download | ports-7ff7ed0c2159f7c51b01b70a83d90e432af220cd.tar.gz ports-7ff7ed0c2159f7c51b01b70a83d90e432af220cd.zip |
Notes
Diffstat (limited to 'security/vuxml/vuln.xml')
-rw-r--r-- | security/vuxml/vuln.xml | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index b92dd5bf2ee7..0dc0e61459b1 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,38 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="d944719e-42f4-4864-89ed-f045b541919f"> + <topic>gtar -- Directory traversal vulnerability</topic> + <affects> + <package> + <name>gtar</name> + <range><lt>1.18_1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Red Hat reports:</p> + <blockquote cite="http://rhn.redhat.com/errata/RHSA-2007-0860.html"> + <p>A path traversal flaw was discovered in the way GNU + tar extracted archives. A malicious user could create a + tar archive that could write to arbitrary files to which + the user running GNU tar had write access.</p> + </blockquote> + <p>Red Hat credits Dmitry V. Levin for reporting the issue.</p> + </body> + </description> + <references> + <bid>25417</bid> + <cvename>CVE-2007-4131</cvename> + <url>http://rhn.redhat.com/errata/RHSA-2007-0860.html</url> + <url>https://bugzilla.redhat.com/show_bug.cgi?id=251921</url> + </references> + <dates> + <discovery>2007-08-23</discovery> + <entry>2007-09-01</entry> + </dates> + </vuln> + <vuln vid="d9867f50-54d0-11dc-b80b-0016179b2dd5"> <topic>claws-mail -- POP3 Format String Vulnerability</topic> <affects> |