CVE-2011-5325

Priority
Description
Directory traversal vulnerability in the BusyBox implementation of tar
before 1.22.0 v5 allows remote attackers to point to files outside the
current working directory via a symlink.
Notes
 mdeslaur> bionic only contains first commit
 mdeslaur> adding the second commit to bionic introduced a regression in
 mdeslaur> debootstrep, see LP: #1737662
 mdeslaur> new third commit mostly reverses second commit
 mdeslaur> two new commits are now available that possibly fix further
 mdeslaur> symlink issues
Assigned-to
mdeslaur
More Information

Updated: 2019-04-26 14:14:34 UTC (commit 30899e40836d26e1bb5f0b072d31fd87b6cf3bd4)