Bug #27008 :: Symlink out-of-path write vulnerability (CVE-2020-36193)

Package home | Report new bug | New search | Development Roadmap

Status: Open | Feedback | All | Closed Since Version 1.6.0

Bug #27008	Symlink out-of-path write vulnerability (CVE-2020-36193)
Submitted:	2021-01-18 13:26 UTC
From:	mrook	Assigned:	mrook
Status:	Closed	Package:	Archive_Tar (version 1.4.11)
PHP Version:	Irrelevant	OS:
Roadmaps:	1.4.12
Subscription	Your email:

Comments Add Comment Add patch

Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know! Just going to say 'Me too!'? Don't clutter the database with that please !

Your email address: MUST BE VALID
Solve the problem : 42 - 39 = ?

[2021-01-18 13:26 UTC] mrook (Michiel Rook)

Description:
------------
See:

* 
https://github.com/pear/Archive_Tar/commit/cde460582ff389404b5b3ccb59
374e9b389de916

Comments

[2021-01-18 19:29 UTC] mrook (Michiel Rook)

-Summary:     Symlink out-of-path write vulnerability
+Summary:     Symlink out-of-path write vulnerability
              (CVE-2020-36193)
-Status:      Open
+Status:      Closed
-Assigned To:
+Assigned To: mrook