stable

CVE-2021-33640

FEDORA-2022-88772d0a2d created by kdudka 2 years ago for Fedora 37
  • fix use-after-free bugs introduced by incorrect memleak fixes (CVE-2021-33640)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2022-88772d0a2d

This update has been submitted for testing by kdudka.

2 years ago

This update's test gating status has been changed to 'ignored'.

2 years ago

kdudka edited this update.

2 years ago

This update has been pushed to testing.

2 years ago

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
modified
2 years ago
Builds
1
libtar-1.2.20-26.fc37
BZ#2121291 CVE-2021-33643 libtar: out-of-bounds read in gnu_longlink [fedora-all]
0
0
BZ#2121296 CVE-2021-33645 libtar: memory leak found in th_read() function [fedora-all]
0
0
BZ#2121300 CVE-2021-33644 libtar: out-of-bounds read in gnu_longname [fedora-all]
0
0
BZ#2121304 CVE-2021-33646 libtar: memory leak found in th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory [fedora-all]
0
0
BZ#2154891 CVE-2021-33640 libtar: fixes for CVE-2021-33645 and CVE-2021-33646 introduced new use-after-free bugs in libtar [fedora-all]
0
0
libtar-1.2.20-26.fc37

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 8.3.0 on bodhi-web-177-ngwjn.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy