Source: tar Source-Version: 1.34+dfsg-1 Hi,
On Wed, Jan 20, 2021 at 07:41:49AM +0100, Salvatore Bonaccorso wrote: > Source: tar > Version: 1.32+dfsg-1 > Severity: important > Tags: security upstream > Forwarded: https://savannah.gnu.org/bugs/?59897 > X-Debbugs-Cc: car...@debian.org, Debian Security Team > <t...@security.debian.org> > Control: found -1 .30+dfsg-6 > > Hi, > > The following vulnerability was published for tar. > > CVE-2021-20193[0]: > | Memory leak in read_header() in list.c > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2021-20193 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20193 > [1] https://savannah.gnu.org/bugs/?59897 > [2] > https://git.savannah.gnu.org/cgit/tar.git/commit/?id=d9d4435692150fa8ff68e1b1a473d187cc3fd777 This issue was fixed with the 1.34+dfsg-1 but bug not closed, so doing manually. Regards, Salvatore
