Security update for tar
This update for tar fixes the following issues:
- extract files recursively with --files-from [boo#913058]
- Fix POINTYFEATHER
vulnerability - GNU tar archiver can be tricked into extracting
files and directories in the given destination, regardless of the
path name(s) specified on the command line [boo#1007188]
[CVE-2016-6321]
-
Submitted by
Kristyna Streitova (kstreitova)
Fixed bugs
bnc#1007188
VUL-0: CVE-2016-6321: tar: Bypassing the extract path name "POINTYFEATHER"
bnc#913058
GNU tar doesn't cooperate well with Amanda anymore
