Fedora Account System
Red Hat Associate
Red Hat Customer
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
MITRE description: GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216.
Statement: Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.