Overview

File _patchinfo of Package patchinfo.3547

<patchinfo incident="3547">
  <issue id="1007188" tracker="bnc">VUL-0: CVE-2016-6321: tar: Bypassing the extract path name "POINTYFEATHER"</issue>
  <issue id="913058" tracker="bnc">GNU tar doesn't cooperate well with Amanda anymore</issue>
  <issue id="2016-6321" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>kstreitova</packager>
  <description>
This update for tar fixes the following issues:

- Fix the POINTYFEATHER vulnerability - GNU tar archiver can be tricked into extracting
  files and directories in the given destination, regardless of the
  path name(s) specified on the command line [bsc#1007188]
  [CVE-2016-6321]
- Fix Amanda integration issue (bsc#913058)

</description>
  <summary>Security update for tar</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places