Synopsis: Moderate: libtar security update
Advisory ID: SLSA-2013:1418-1
Issue Date: 2013-10-10
CVE Numbers: CVE-2013-4397
—
Two heap-based buffer overflow flaws were found in the way libtar handled
certain archives. If a user were tricked into expanding a specially-
crafted archive, it could cause the libtar executable or an application
using libtar to crash or, potentially, execute arbitrary code.
(CVE-2013-4397)
Note: This issue only affected 32-bit builds of libtar.
—
SL6
x86_64
libtar-1.2.11-17.el6_4.1.x86_64.rpm
libtar-debuginfo-1.2.11-17.el6_4.1.x86_64.rpm
libtar-1.2.11-17.el6_4.1.i686.rpm
libtar-debuginfo-1.2.11-17.el6_4.1.i686.rpm
libtar-devel-1.2.11-17.el6_4.1.i686.rpm
libtar-devel-1.2.11-17.el6_4.1.x86_64.rpm
i386
libtar-1.2.11-17.el6_4.1.i686.rpm
libtar-debuginfo-1.2.11-17.el6_4.1.i686.rpm
libtar-devel-1.2.11-17.el6_4.1.i686.rpm
– Scientific Linux Development Team
