Bug 251921 (CVE-2007-4131)
Summary: | CVE-2007-4131 tar directory traversal vulnerability | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED ERRATA | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | unspecified | CC: | kreilly, rbrich, rvokal | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2007-08-31 07:40:30 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 252967, 252968, 252969, 252970, 253684, 253685 | ||||||
Bug Blocks: | |||||||
Attachments: |
|
Description
Tomas Hoger
2007-08-13 14:23:06 UTC
Created attachment 161175 [details]
contains_dot_dot patch
Patch by Dmitry V. Levin used by Owl.
Patch is in upstream cvs, embargo removed. This issue did not affect tar packages as distributed with Red Hat Enterprise Linux 2.1 or 3. Issue fixed on all supported platforms, closing Security Response bug. |