From 34777763783f6ffab29aaebabc58683c88d56fd1 Mon Sep 17 00:00:00 2001
From: Ken Moffat <ken@linuxfromscratch.org>
Date: Fri, 14 Apr 2006 19:23:22 +0000
Subject: Add patch for tar re CVE-2006-0300, to fix ticket #1767.

git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@7520 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689
---
 chapter06/tar.xml | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'chapter06')

diff --git a/chapter06/tar.xml b/chapter06/tar.xml
index 2d04c4364..ee06b442e 100644
--- a/chapter06/tar.xml
+++ b/chapter06/tar.xml
@@ -54,6 +54,11 @@
 
 <screen><userinput>patch -Np1 -i ../&tar-sparse_fix-patch;</userinput></screen>
 
+    <para>Recent versions of tar are vulnerable to a buffer overflow from
+    specially crafted archives. The following patch addresses this:</para>
+
+<screen><userinput>patch -Np1 -i ../&tar-security_fixes-patch;</userinput></screen>
+
     <para>Prepare Tar for compilation:</para>
 
 <screen><userinput>./configure --prefix=/usr --bindir=/bin --libexecdir=/usr/sbin</userinput></screen>
-- 
cgit v1.2.3-54-g00ecf