tar 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1167319690
업데이트 : 2006.12.29
상세내용
. CVE-2006-6097:
GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted
attackers to overwrite arbitrary files via a tar file that contains a
GNUTYPE_NAMES record with a symbolic link, which is not properly handled
by the extract_archive function in extract.c and extract_mangle function
in mangle.c, a variant of CVE-2002-1216.
Autoupdates 지원 : 지원
update 패키지
RPMS :
. tar-1.14-12.i686.rpm
SRPMS :
. tar-1.14-12.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097
|