Bug#802702: CVE-2011-5325: busybox: Directory traversal via crafted tar file which contains a symlink pointing outside of the current directory
> Any idea why the resolution of this issue did not move any further? I notice from
> the upstream tracker that hardlinks might be a problem too.
Indeed, the hardlink part was blocking it.
IIRC it was deemed to be low-priority from an LTS point of view so/and I could not justify spending more time on it then. Happy to look again if there is a more urgent requirement.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
Reply to: