GLSA 200812-10: Archive::Tar: Directory traversal vulnerability Affected Packages Package: perl-core/Archive-Tar on all architectures Affected versions: = 1.40 Severity Severity level: normal Exploitability: remote Description A directory traversal vulnerability in Archive::Tar allows a remote attacker to extract files to arbitrary locations outside of the specified directory. Impact A remote attacker could entice a user or automated system to extract a specially crafted tar archive, overwriting files at arbitrary locations outside of the specified directory. Resolution All Archive::Tar users should upgrade to the latest version: References CVE-2007-4829 Additional Information Release date: December 10, 2008 Latest revision: December 10, 2008 Bugzilla entry: 192989