Updated tar packages fix security vulnerability
Publication date: 12 May 2019Modification date: 12 May 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2019-9923
Description
pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers (CVE-2019-9923).
References
SRPMS
6/core
- tar-1.31-1.1.mga6