2
Candidate: CVE-2006-6097
4
https://usn.ubuntu.com/usn/usn-385-1
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097
7
GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted
8
attackers to overwrite arbitrary files via a tar file that contains a
9
GNUTYPE_NAMES record with a symbolic link, which is not properly handled by
10
the extract_archive function in extract.c and extract_mangle function in
11
mangle.c, a variant of CVE-2002-1216.
15
dapper_tar: released (1.15.1-2ubuntu2.2)
16
edgy_tar: released (1.15.91-2ubuntu0.4)
17
feisty_tar: released (1.16-2ubuntu0.1)
18
devel_tar: released (1.18-2ubuntu1)