RHSA-2023:0842: Moderate: tar security update

Q: What is the severity of RHSA-2023:0842?

The severity of RHSA-2023:0842 is classified as moderate.

Q: How do I fix RHSA-2023:0842?

To fix RHSA-2023:0842, upgrade the tar package to version 1.30-6.el8_7.1 or later.

Q: What is the underlying issue in RHSA-2023:0842?

The underlying issue in RHSA-2023:0842 is a heap buffer overflow at from_header() in list.c due to a specially crafted checksum.

Q: Which package is affected by RHSA-2023:0842?

The affected package in RHSA-2023:0842 is the tar program.

Q: What version of tar should I install to resolve RHSA-2023:0842?

You should install tar version 1.30-6.el8_7.1 or later to resolve RHSA-2023:0842.

Published Feb 21, 2023

Updated

The GNU tar program can save multiple files in an archive and restore files from an archive.Security Fix(es): tar: heap buffer overflow at fromheader() in list.c via specially crafted checksum (CVE-2022-48303) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software

12 affected componentsFixes available

redhat/tar<1.30-6.el8_7.1

1.30-6.el8_7.1

redhat/tar<1.30-6.el8_7.1

1.30-6.el8_7.1

redhat/tar-debuginfo<1.30-6.el8_7.1

1.30-6.el8_7.1

redhat/tar-debugsource<1.30-6.el8_7.1

1.30-6.el8_7.1

redhat/tar-debuginfo<1.30-6.el8_7.1

1.30-6.el8_7.1

redhat/tar-debugsource<1.30-6.el8_7.1

1.30-6.el8_7.1

redhat/tar<1.30-6.el8_7.1

1.30-6.el8_7.1

redhat/tar-debuginfo<1.30-6.el8_7.1

1.30-6.el8_7.1

redhat/tar-debugsource<1.30-6.el8_7.1

1.30-6.el8_7.1

redhat/tar<1.30-6.el8_7.1.aa

1.30-6.el8_7.1.aa

redhat/tar-debuginfo<1.30-6.el8_7.1.aa

1.30-6.el8_7.1.aa

redhat/tar-debugsource<1.30-6.el8_7.1.aa

1.30-6.el8_7.1.aa

Remediation

Event History

Feb 21, 2023

Advisory Published

12:00 AM

Frequently Asked Questions

What is the severity of RHSA-2023:0842?

The severity of RHSA-2023:0842 is classified as moderate.

How do I fix RHSA-2023:0842?

To fix RHSA-2023:0842, upgrade the tar package to version 1.30-6.el8_7.1 or later.

What is the underlying issue in RHSA-2023:0842?

The underlying issue in RHSA-2023:0842 is a heap buffer overflow at from_header() in list.c due to a specially crafted checksum.

Which package is affected by RHSA-2023:0842?

The affected package in RHSA-2023:0842 is the tar program.

What version of tar should I install to resolve RHSA-2023:0842?

You should install tar version 1.30-6.el8_7.1 or later to resolve RHSA-2023:0842.

RHSA-2023:0842: Moderate: tar security update

Affected Software

Remediation

Event History

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the severity of RHSA-2023:0842?

How do I fix RHSA-2023:0842?

What is the underlying issue in RHSA-2023:0842?

Which package is affected by RHSA-2023:0842?

What version of tar should I install to resolve RHSA-2023:0842?

Company

Resources

Contact