[SECURITY] [DLA 3755-1] tar security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 3755-1] tar security update
From: Adrian Bunk <bunk@debian.org>
Date: Sat, 9 Mar 2024 23:22:24 +0200
Message-id: <[🔎] ZezTEMVAXrqwRpvb@localhost>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3755-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
March 09, 2024                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : tar
Version        : 1.30+dfsg-6+deb10u1
CVE ID         : CVE-2023-39804
Debian Bug     : 1058079

Incorrect handling of extension attributes in PAX archives has been 
fixed in the GNU tar archiving utility.

For Debian 10 buster, this problem has been fixed in version
1.30+dfsg-6+deb10u1.

We recommend that you upgrade your tar packages.

For the detailed security status of tar please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/tar

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmXs0w0ACgkQiNJCh6LY
mLGTSxAAkExlVbFmIvkgQaHazTxhgdtC0cFwQVw+GfhR21bnG2Xu628nf6ELJkYJ
WD+JUofSkPI1CskzITV77SGE3T2Cd5NHcW92qCNAMlV363jT43ezAIxNgk8nUQco
M3yme6X+OHsRyqSlemosfm3BnbPvp9qegGYS9vmgh+GkfLPkbVpPAtUH1rVkaMUB
54XOjxmuB9DvN9lhFYfmgX41WiLmlRfMcBkDUrf7fpcQSrpkpNSuy8fwzTNF/XZ9
znW9Wf7TNLDI5eZyKInneeYYY46I7eq6YEmHXKxoKOMU4SOc4al7rkyB4ER8LtxH
kGrG9qmLWrt2NfYOUzOMXU8IL71ua54jkofFkp7koZlyAu4OwFft1r8Xbosdnfm6
MnSKjaNTeHZEkabhwmr/vJhqpTU0Oy8Cd+HaR4FdwtFPZyNfbiqrHESeego33K8u
vPH+ZLDOdRUQcrZ3tD2oozX2FzLfx0DlOf5ssmAFfEvubezFpJWwylo4IZLpv5Ot
/J0bXQgdFqLfRif2acYLK2Y41cheQqdCxVrry5kgrZkN+mEQSHOUb5zt7QLSNSqn
p4tWxlAeIqZgSQebW6OLmRmJOJM8Og1rYWRDNbjA5x5V94fr0BvAJzjav7TkaoEB
itWh65wYK+YvxIaX005wVzxepcZZVsUKvbrz1kTQc8/QzuhrMAk=
=4LDX
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3754-1] fontforge security update
Next by Date: [SECURITY] [DLA 3756-1] wordpress security update
Previous by thread: [SECURITY] [DLA 3754-1] fontforge security update
Next by thread: [SECURITY] [DLA 3756-1] wordpress security update
Index(es):
- Date
- Thread