Security update for tar
This update for tar fixes the following issues:
Security issues fixed:
- CVE-2019-9923: Fixed a denial of service while parsing certain archives with malformed extended headers in pax_decode_header() (bsc#1130496).
- CVE-2018-20482: Fixed a denial of service when the '--sparse' option mishandles file shrinkage during read access (bsc#1120610).
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Kristyna Streitova (kstreitova)
Fixed bugs
bnc#1120610
VUL-1: CVE-2018-20482: tar: --sparse mishandles file shrinkage during read access
bnc#1130496
VUL-1: CVE-2019-9923: tar: null-pointer dereference in pax_decode_header in sparse.c
