Security update for tar SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:1237-1 Final 1 1 2019-04-18T13:03:48Z current 2019-04-18T13:03:48Z 2019-04-18T13:03:48Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for tar This update for tar fixes the following issues: Security issues fixed: - CVE-2019-9923: Fixed a denial of service while parsing certain archives with malformed extended headers in pax_decode_header() (bsc#1130496). - CVE-2018-20482: Fixed a denial of service when the '--sparse' option mishandles file shrinkage during read access (bsc#1120610). This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2019-1237 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4J7MEOLQLFRA3ARNABFNLF2I4CI6U4D6/#4J7MEOLQLFRA3ARNABFNLF2I4CI6U4D6 E-Mail link for openSUSE-SU-2019:1237-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1120610 SUSE Bug 1120610 https://bugzilla.suse.com/1130496 SUSE Bug 1130496 https://www.suse.com/security/cve/CVE-2018-20482/ SUSE CVE CVE-2018-20482 page https://www.suse.com/security/cve/CVE-2019-9923/ SUSE CVE CVE-2019-9923 page openSUSE Leap 15.0 tar-1.30-lp150.7.1 tar-backup-scripts-1.30-lp150.7.1 tar-doc-1.30-lp150.7.1 tar-lang-1.30-lp150.7.1 tar-rmt-1.30-lp150.7.1 tar-tests-1.30-lp150.7.1 tar-1.30-lp150.7.1 as a component of openSUSE Leap 15.0 tar-backup-scripts-1.30-lp150.7.1 as a component of openSUSE Leap 15.0 tar-doc-1.30-lp150.7.1 as a component of openSUSE Leap 15.0 tar-lang-1.30-lp150.7.1 as a component of openSUSE Leap 15.0 tar-rmt-1.30-lp150.7.1 as a component of openSUSE Leap 15.0 tar-tests-1.30-lp150.7.1 as a component of openSUSE Leap 15.0 GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root). CVE-2018-20482 openSUSE Leap 15.0:tar-1.30-lp150.7.1 openSUSE Leap 15.0:tar-backup-scripts-1.30-lp150.7.1 openSUSE Leap 15.0:tar-doc-1.30-lp150.7.1 openSUSE Leap 15.0:tar-lang-1.30-lp150.7.1 openSUSE Leap 15.0:tar-rmt-1.30-lp150.7.1 openSUSE Leap 15.0:tar-tests-1.30-lp150.7.1 moderate 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4J7MEOLQLFRA3ARNABFNLF2I4CI6U4D6/#4J7MEOLQLFRA3ARNABFNLF2I4CI6U4D6 https://www.suse.com/security/cve/CVE-2018-20482.html CVE-2018-20482 https://bugzilla.suse.com/1120610 SUSE Bug 1120610 pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers. CVE-2019-9923 openSUSE Leap 15.0:tar-1.30-lp150.7.1 openSUSE Leap 15.0:tar-backup-scripts-1.30-lp150.7.1 openSUSE Leap 15.0:tar-doc-1.30-lp150.7.1 openSUSE Leap 15.0:tar-lang-1.30-lp150.7.1 openSUSE Leap 15.0:tar-rmt-1.30-lp150.7.1 openSUSE Leap 15.0:tar-tests-1.30-lp150.7.1 low 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4J7MEOLQLFRA3ARNABFNLF2I4CI6U4D6/#4J7MEOLQLFRA3ARNABFNLF2I4CI6U4D6 https://www.suse.com/security/cve/CVE-2019-9923.html CVE-2019-9923 https://bugzilla.suse.com/1130496 SUSE Bug 1130496