FEDORA-2018-4e657bf5e3

security update in Fedora 26 for sharutils

Status: stable a year ago

This release fixes a heap buffer overflow when processing a shar archive by unshar tool if the arhive contains overlong lines.

How to install

sudo dnf upgrade --advisory=FEDORA-2018-4e657bf5e3

Comments 5

This update has been submitted for testing by ppisar.

a year ago

This update has been pushed to testing.

a year ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

a year ago

This update has been submitted for stable by ppisar.

a year ago

This update has been pushed to stable.

a year ago

Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

Text fields in Bodhi2 support an enhanced version of markdown. This is a cheat sheet for your reference.

You can do headers by underlining or by prefixing with the # character:

This is an H1
=============

This is an H2
-------------

# This is another H1

## This is another H2

You can do blockquotes using email-style prefixes with the > character:

> This is a quotation
> over many lines
> > and it can be nested(!)

Lists work like you'd expect, by prefixing with any of the *, +, or - characters:

Check out this list:

* This
* is
* a list..

You need a blank line between a paragraph and the start of a list for the renderer to pick up on it.

Emphasis can be added like this:

*italics*
_italics_
**bold**
__bold__

You can save your code references from being misinterpreted as emphasis by surrounding them with backtick characters (`):

Use `the_best_function()` and _not_ that crummy one.

Links look like this:

[text](http://getfedora.org)

..but we also support bare links if you just provide a URL.

You can create code blocks by indenting every line of the block by at least 4 spaces or 1 tab.

Here is a code block:

    for i in range(4):
        print i
    print "done."

You can reference bug reports by simply writing something of the form tracker#ticketid.

This fixes PHP#1234 and Python#2345

... we will automatically generate links to the tickets in the appropriate trackers in place.

The supported bug tracker prefixes are: (these are all case-insensitive)

Fedora, RHBZ and RH (all point to the Red Hat Bugzilla)
GNOME
KDE
PEAR
PHP
Python

And you can refer to other users by prefixing their username with the @ symbol.

Thanks @mattdm!

This will generate a link to their profile, but it won't necessarily send them a notification unless they have a special FMN rule set up to catch it.

Lastly, you can embed inline images with syntax like this:

![Alt text](/path/to/img.jpg)

-1

Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1548018 sharutils: heap-buffer-overflow in find_archive in unshar.c

#1548019 sharutils: heap-buffer-overflow in find_archive in unshar.c [fedora-all]

Content Type

RPM

Status

stable

Test Gating

Submitted by

ppisar

Update Type

security

Update Severity

unspecified

Karma

0
stable threshold: 3
unstable threshold: -3

Autopush

Disabled

Dates

submitted	a year ago
in testing	a year ago
in stable	a year ago

Related Bugs 2


0	0	#1548018 sharutils: heap-buffer-overflow in find_archive in unshar.c
0	0	#1548019 sharutils: heap-buffer-overflow in find_archive in unshar.c [fedora-all]

sharutils-4.15.2-6.fc26

FEDORA-2018-4e657bf5e3

security update in Fedora 26 for sharutils

How to install

Comments 5

Add Comment & Feedback Toggle Preview

Related Bugs 2

Automated Test Results

Add Comment & Feedback
Toggle Preview