Subject: Re: gnu-tar (and unzip) vulnerabilities
To: None <tech-security@netbsd.org>
From: Jeremy C. Reed <reed@reedmedia.net>
List: tech-security
Date: 10/07/2002 14:27:00
On Mon, 7 Oct 2002, Jeremy C. Reed wrote:
> There source is at
> ftp://updates.redhat.com/6.2/en/os/SRPMS/tar-1.13.25-1.6.src.rpm.
Their source is really at
ftp://updates.redhat.com/7.3/en/os/SRPMS/tar-1.13.25-4.7.1.src.rpm
You can use rpm2cpio (and pipe it through cpio) and see a few tar-*.patch
files.
Jeremy C. Reed
http://bsd.reedmedia.net/