Oval Definition:oval:com.redhat.rhsa:def:20100505
Revision Date:2010-07-01Version:639
Title:RHSA-2010:0505: perl-Archive-Tar security update (Moderate)
Description:The Archive::Tar module provides a mechanism for Perl scripts to manipulate tar archive files.

  • Multiple directory traversal flaws were discovered in the Archive::Tar module. A specially-crafted tar file could cause a Perl script, using the Archive::Tar module to extract the archive, to overwrite an arbitrary file writable by the user running the script. (CVE-2007-4829)

    This package upgrades the Archive::Tar module to version 1.39_01. Refer to the Archive::Tar module's changes file, linked to in the References, for a full list of changes.

    Users of perl-Archive-Tar are advised to upgrade to this updated package, which corrects these issues. All applications using the Archive::Tar module must be restarted for this update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2007-4829
    RHSA-2010:0505
    RHSA-2010:0505-01
    RHSA-2010:0505-01
    Platform(s):Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND perl-Archive-Tar is earlier than 0:1.39.1-1.el4_8.1
  • AND perl-Archive-Tar is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND perl-Archive-Tar is earlier than 1:1.39.1-1.el5_5.1
  • AND perl-Archive-Tar is signed with Red Hat redhatrelease2 key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 4 is installed
  • AND perl-Archive-Tar is earlier than 0:1.39.1-1.el4_8.1
  • AND perl-Archive-Tar is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND perl-Archive-Tar is earlier than 1:1.39.1-1.el5_5.1
  • AND perl-Archive-Tar is signed with Red Hat redhatrelease key
    • BACK