Register | Log in

libtar

Choose email to subscribe with

general

source: libtar (main)
version: 1.2.20-8
maintainer: Magnus Holmgren (DMD)
arch: any
std-ver: 4.4.0
VCS: Subversion (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.2.20-7
oldstable: 1.2.20-8
stable: 1.2.20-8

versioned links

1.2.20-7: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.2.20-8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libtar-dev
libtar0

package is gone

This package is not in any development repository. This probably means that the package has been removed (or has been renamed). Thus the information here is of little interest ... the package is going to disappear unless someone takes it over and reintroduces it.

action needed

4 security issues in bullseye high

There are 4 open security issues in bullseye.

4 important issues:

CVE-2021-33643: An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.
CVE-2021-33644: An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
CVE-2021-33645: The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.
CVE-2021-33646: The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.

Created: 2025-01-07 Last update: 2025-01-20 15:30

4 security issues in trixie high

There are 4 open security issues in trixie.

4 important issues:

CVE-2021-33643: An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.
CVE-2021-33644: An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
CVE-2021-33645: The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.
CVE-2021-33646: The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.

Created: 2025-01-08 Last update: 2025-01-10 00:33

4 security issues in sid high

There are 4 open security issues in sid.

4 important issues:

CVE-2021-33643: An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.
CVE-2021-33644: An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
CVE-2021-33645: The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.
CVE-2021-33646: The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.

Created: 2025-01-07 Last update: 2025-01-08 17:30

news

[2025-01-10] libtar REMOVED from testing (Debian testing watch)
[2025-01-09] Removed 1.2.20-8.1 from unstable (Debian FTP Masters)
[2025-01-09] libtar 1.2.20-8.1 MIGRATED to testing (Debian testing watch)
[2024-07-05] libtar REMOVED from testing (Debian testing watch)
[2024-04-24] libtar 1.2.20-8.1 MIGRATED to testing (Debian testing watch)
[2024-02-28] Accepted libtar 1.2.20-8.1 (source) into unstable (Graham Inggs)
[2024-02-02] Accepted libtar 1.2.20-8.1~exp1 (source) into experimental (Steve Langasek)
[2019-09-07] libtar 1.2.20-8 MIGRATED to testing (Debian testing watch)
[2019-08-25] Accepted libtar 1.2.20-8 (source amd64) into unstable (Magnus Holmgren)
[2016-10-24] libtar 1.2.20-7 MIGRATED to testing (Debian testing watch)
[2016-10-11] Accepted libtar 1.2.20-7 (source amd64) into unstable (Magnus Holmgren)
[2016-08-12] libtar 1.2.20-6 MIGRATED to testing (Debian testing watch)
[2016-08-01] Accepted libtar 1.2.20-6 (source amd64) into unstable (Magnus Holmgren)
[2016-04-05] libtar 1.2.20-5 MIGRATED to testing (Debian testing watch)
[2016-03-25] Accepted libtar 1.2.20-5 (source amd64) into unstable (Magnus Holmgren)
[2014-05-06] libtar 1.2.20-4 MIGRATED to testing (Debian testing watch)
[2014-05-03] Accepted libtar 1.2.20-4 (source amd64) (Magnus Holmgren)
[2014-02-26] libtar 1.2.20-3 MIGRATED to testing (Debian testing watch)
[2014-02-24] Accepted libtar 1.2.11-6+deb6u2 (source amd64) (Magnus Holmgren)
[2014-02-24] Accepted libtar 1.2.16-1+deb7u2 (source amd64) (Magnus Holmgren)
[2014-02-15] Accepted libtar 1.2.20-3 (source amd64) (Magnus Holmgren)
[2014-02-15] Accepted libtar 1.2.20-2 (source amd64) (Magnus Holmgren)
[2013-12-22] Accepted libtar 1.2.11-6+deb6u1 (source amd64) (Magnus Holmgren)
[2013-12-14] Accepted libtar 1.2.16-1+deb7u1 (source amd64) (Magnus Holmgren)
[2013-10-13] libtar 1.2.20-1 MIGRATED to testing (Debian testing watch)
[2013-10-10] Accepted libtar 1.2.20-1 (source amd64) (Magnus Holmgren)
[2013-05-16] libtar 1.2.19-1 MIGRATED to testing (Debian testing watch)
[2013-05-05] Accepted libtar 1.2.19-1 (source amd64) (Magnus Holmgren)
[2012-07-03] libtar 1.2.16-1 MIGRATED to testing (Debian testing watch)
[2012-06-22] Accepted libtar 1.2.16-1 (source amd64) (Magnus Holmgren)

1
2

bugs [bug history graph]

all: 0

links

homepage
buildd: logs, cross
popcon
browse source code
edit tags
other distros
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.2.20-8.1build1

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing