Accepting request 439571 from home:kstreitova:branches:Base:System

- add tar-1.29-extract_pathname_bypass.patch to fix POINTYFEATHER vulnerability - GNU tar archiver can be tricked into extracting files and directories in the given destination, regardless of the path name(s) specified on the command line [bsc#1007188] [CVE-2016-6321] OBS-URL: https://build.opensuse.org/request/show/439571 OBS-URL: https://build.opensuse.org/package/show/Base:System/tar?expand=0&rev=73
2016-11-10 22:20:00 +00:00
parent ecfd71c5af
commit 885805a010
3 changed files with 41 additions and 0 deletions
--- a/tar.changes
+++ b/tar.changes
@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Tue Nov  8 17:50:44 UTC 2016 - kstreitova@suse.com
+
+- add tar-1.29-extract_pathname_bypass.patch to fix POINTYFEATHER
+  vulnerability - GNU tar archiver can be tricked into extracting 
+  files and directories in the given destination, regardless of the 
+  path name(s) specified on the command line [bsc#1007188] 
+  [CVE-2016-6321] 
+
 -------------------------------------------------------------------
 Sat May 28 19:06:33 UTC 2016 - astieger@suse.com