ALSA-2023:0959

[ALSA-2023:0959] Moderate: tar security update

Type:

security

Severity:

moderate

Release date:

2023-02-28

Description:

The GNU tar program can save multiple files in an archive and restore files from an archive.

Security Fix(es):

* tar: heap buffer overflow at from_header() in list.c via specially crafted checksum (CVE-2022-48303)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	tar-1.34-6.el9_1.aarch64.rpm	7f4904626815ef53aeade1ee78e6c33ee4305d91f35fe0948dd56c621608dd55
ppc64le	tar-1.34-6.el9_1.ppc64le.rpm	e759afe8845683473e19174d61ea0ef0f5891c289be2c1f0020a8277184abb9a
s390x	tar-1.34-6.el9_1.s390x.rpm	82e2a01476ce142200dc7f7ee3efae7b0a5ced7be91c1bfcce5cde2eb8ba5208
x86_64	tar-1.34-6.el9_1.x86_64.rpm	c3da94e4ff327e244f225a30653e6a9988d470e161cb114e0d58ac7b0fc14d04

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.