[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#802702: CVE-2011-5325: busybox: Directory traversal via crafted tar file which contains a symlink pointing outside of the current directory

> busybox tar should do basically the same as GNU tar

Indeed. The implementation wasn't quite as straightforward or as clean as fixing the symlinks case, hence why my patch on upstream's bugtracker only addresses that part.


     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk

Reply to: