Bug 225552

Summary: CVE-2006-3619 Directory traversal issue in jar
Product: Red Hat Enterprise Linux 3 Reporter: Mark J. Cox <mjc>
Component: gccAssignee: Jakub Jelinek <jakub>
Status: CLOSED ERRATA QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.0CC: security-response-team
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: impact=moderate,source=vendorsec,reported=20060712,public=20060713
Fixed In Version: RHSA-2007-0473 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-06-11 17:50:01 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Mark J. Cox 2007-01-31 10:31:11 UTC 
+++ This bug was initially created as a clone of Bug #198912 +++

When unpacking a .JAR archive with filenames with "../../../...." in it,
"fastjar" from GCC will happily unpack in the "../../../...." directory.

(Credits go to Juergen Weigert for finding this.)

The GCC bug report can be found here:

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359
Comment 7 Red Hat Bugzilla 2007-06-11 17:50:01 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2007-0473.html