Bug#802702: CVE-2011-5325: busybox: Directory traversal via crafted tar file which contains a symlink pointing outside of the current directory

To: Chris Lamb <lamby@debian.org>, Henri Salo <henri@nerv.fi>, 802702@bugs.debian.org
Subject: Bug#802702: CVE-2011-5325: busybox: Directory traversal via crafted tar file which contains a symlink pointing outside of the current directory
From: Petter Reinholdtsen <pere@hungry.com>
Date: Wed, 29 Jun 2016 08:29:43 +0200
Message-id: <[🔎] 20160629062943.GA27671@diskless.uio.no>
Reply-to: Petter Reinholdtsen <pere@hungry.com>, 802702@bugs.debian.org
In-reply-to: <1447174316.2101723.435141297.4D521B6E@webmail.messagingengine.com>
References: <1447174316.2101723.435141297.4D521B6E@webmail.messagingengine.com>

[Chris Lamb]
> (Small issues with patch; see upstream tracker)

Any idea why the resolution of this issue did not move any further?  I notice from
the upstream tracker that hardlinks might be a problem too.

-- 
Happy hacking
Petter Reinholdtsen

Reply to:

Follow-Ups:
- Bug#802702: CVE-2011-5325: busybox: Directory traversal via crafted tar file which contains a symlink pointing outside of the current directory
  - From: Chris Lamb <lamby@debian.org>

Prev by Date: Bug#559796: this is amazing
Next by Date: Bug#802702: CVE-2011-5325: busybox: Directory traversal via crafted tar file which contains a symlink pointing outside of the current directory
Previous by thread: Bug#559796: this is amazing
Next by thread: Bug#802702: CVE-2011-5325: busybox: Directory traversal via crafted tar file which contains a symlink pointing outside of the current directory
Index(es):
- Date
- Thread