Oval Definition:oval:org.cisecurity:def:1806
Revision Date:2017-03-03Version:6
Title:DSA-3778-1 -- ruby-archive-tar-minitar -- security update
Description:Michal Marek discovered that ruby-archive-tar-minitar, a Ruby library that provides the ability to deal with POSIX tar archive files, is prone to a directory traversal vulnerability. An attacker can take advantage of this flaw to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2016-10173
DSA-3778-1
Platform(s):Debian 8
Product(s):ruby-archive-tar-minitar
Definition Synopsis
  • Debian 8 is installed
  • AND ruby-archive-tar-minitar is earlier than 0:0.5.2-2+deb8u1
    • BACK