CVE-2011-5325

Priority
Description
Directory traversal vulnerability in the BusyBox implementation of tar
before 1.22.0 v5 allows remote attackers to point to files outside the
current working directory via a symlink.
Notes
 mdeslaur> bionic only contains first commit
 mdeslaur> adding the second commit to bionic introduced a regression in
 mdeslaur> debootstrep, see LP: #1737662
 mdeslaur> new third commit mostly reverses second commit
 mdeslaur> two new commits are now available that possibly fix further
 mdeslaur> symlink issues
Assigned-to
mdeslaur
More Information

Updated: 2019-01-14 21:14:32 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)