On Oct 10, 2005, at 5:43 PM, Gene Heskett wrote:
I've been running 1.15.1 on this FC2 box now for about 3 months,
and it
appears to be completey compatible. Then I read someplace where a
security hole had been found in pre 1.15 issues, so I thought I'd
try to
upgrade my firewall box, which is still running 7.3, but with a 2.4.29
kernel.
Hi Gene, the only recent tar report I've seen is regarding tar
preserving setuid/setgid information, which is actually the intended
behavior of tar, so I am not sure that anyone even patched it.
See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2541 and
http://marc.theaimsgroup.com/?l=bugtraq&m=112327628230258&w=2
I don't think that there are any other (unpatched) security issues
aside from that.
-Jeff
--
fedora-legacy-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-legacy-list
