oss-sec mailing list archives
Re: CVE Request: BusyBox tar directory traversal
From: Jeremy Stanley <fungi () yuggoth org>
Date: Fri, 23 Oct 2015 13:44:58 +0000
On 2015-10-23 14:24:41 +0200 (+0200), Yves-Alexis Perez <corsac () debian org> wrote:
On ven., 2015-10-23 at 03:01 -0400, Robert Watson wrote:Remember that tar was created primarily for software distributionActually no, it was created to write archives to (magnetic) tapes.
[...] Stop, you're both right! The first tar shipped in V7 UNIX as an improved replacement for the tp utility. Take a guess what archive format AT&T used on the PDP-11 install tapes for V7 (ignoring the self-executing stub they prepended, of course). -- Jeremy Stanley
Current thread:
- CVE Request: BusyBox tar directory traversal Tyler Hicks (Oct 21)
- Re: CVE Request: BusyBox tar directory traversal Tyler Hicks (Oct 21)
- Re: CVE Request: BusyBox tar directory traversal cve-assign (Oct 21)
- Re: CVE Request: BusyBox tar directory traversal Robert Watson (Oct 22)
- Re: CVE Request: BusyBox tar directory traversal Tim Brown (Oct 22)
- Re: CVE Request: BusyBox tar directory traversal Robert Watson (Oct 23)
- Re: CVE Request: BusyBox tar directory traversal Yves-Alexis Perez (Oct 23)
- Re: CVE Request: BusyBox tar directory traversal Robert Watson (Oct 23)
- Re: CVE Request: BusyBox tar directory traversal Jeremy Stanley (Oct 23)
- Re: CVE Request: BusyBox tar directory traversal Jeremy Stanley (Oct 23)
- Re: CVE Request: BusyBox tar directory traversal Tim Brown (Oct 22)
- Re: CVE Request: BusyBox tar directory traversal Russ Allbery (Oct 23)