Bug#802702: CVE-2011-5325: busybox: Directory traversal via crafted tar file which contains a symlink pointing outside of the current directory
- To: 802702@bugs.debian.org, Chris Lamb <lamby@debian.org>, Ben Hutchings <ben@decadent.org.uk>, Henri Salo <henri@nerv.fi>
- Subject: Bug#802702: CVE-2011-5325: busybox: Directory traversal via crafted tar file which contains a symlink pointing outside of the current directory
- From: Petter Reinholdtsen <pere@hungry.com>
- Date: Fri, 30 Sep 2016 07:41:17 +0200
- Message-id: <[🔎] 20160930054117.GA30391@diskless.uio.no>
- Reply-to: Petter Reinholdtsen <pere@hungry.com>, 802702@bugs.debian.org
- In-reply-to: <1467205078.2797928.651917073.2CB466BB@webmail.messagingengine.com>
- References: <1447174316.2101723.435141297.4D521B6E@webmail.messagingengine.com> <20160629062943.GA27671@diskless.uio.no> <1467185439.2731493.651661161.583AA4F7@webmail.messagingengine.com> <2fleg7g5qyq.fsf@diskless.uio.no> <1467204665.2551.115.camel@decadent.org.uk> <1467205078.2797928.651917073.2CB466BB@webmail.messagingengine.com>
For the record, this issue is still flagged as unsolved upstream. :(
No activity in the bug tracker there since 2015 when Chris added the
last comment.
--
Happy hacking
Petter Reinholdtsen
Reply to: