Re: [SECURITY] [DSA 1438-1] New tar packages fix several vulnerabilities
Am Freitag, 28. Dezember 2007 16:29 schrieb Florian Weimer:
> ------------------------------------------------------------------------
> Debian Security Advisory DSA-1438-1 security@debian.org
> http://www.debian.org/security/ Florian Weimer
> December 28, 2007 http://www.debian.org/security/faq
> ------------------------------------------------------------------------
>
> Package : tar
> Vulnerability : several
> Problem type : local(remote)
> Debian-specific: no
> CVE Id(s) : CVE-2007-4131, CVE-2007-4476
>
> Several vulnerabilities have been discovered in GNU Tar.
Hello,
during the last six days, updates of the following packages were available via
security.debian.org:
debconf
debconf-i18n
findutils
klibc-utils
libc6
libc6-i386
libklibc
libpam-modules
libpam-runtime
libpam0g
linux-image-2.6.18-5-amd64
locales
tar
tzdata
However, I cannot see any security announcement for most of these. Were they
updated because of the security fix for tar? If yes, why doesn’t the
security announcement mention that updated versions are available also for
those packages?
Best wishes,
Wolfgang
Reply to: