CVE-2010-0624 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0624): Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character.
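As an added illustration (not code from GNU tar, cpio or this bug thread), the following simplified C reader models the rmt client side of the bug: the server answers a read request with a status line "A<count>\n" followed by <count> bytes, and the defect was trusting that server-declared count without bounding it by the size the client actually requested. The function, its name and the sample replies are constructed for this example; the check marked "the fix" is the bound the original code lacked.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified rmt reply reader (not GNU tar's rmt_read__).
 * `reply` is a captured server response (constructed below), `buf` is the
 * client's buffer of `requested` bytes. Returns the number of bytes copied
 * into buf, or -1 if the reply is malformed, truncated, or announces more
 * data than was requested. */
long rmt_read_checked(const unsigned char *reply, size_t reply_len,
                      unsigned char *buf, size_t requested)
{
    /* Status line must start with 'A' (acknowledged read). */
    if (reply_len < 2 || reply[0] != 'A')
        return -1;

    size_t i = 1;
    size_t count = 0;
    while (i < reply_len && reply[i] != '\n') {
        if (reply[i] < '0' || reply[i] > '9')
            return -1;                          /* non-numeric count */
        if (count > (SIZE_MAX - 9) / 10)
            return -1;                          /* decimal overflow guard */
        count = count * 10 + (size_t)(reply[i] - '0');
        i++;
    }
    if (i >= reply_len)
        return -1;                              /* no terminating newline */
    i++;                                        /* skip '\n' */

    /* The fix: a remote rmt server must never be allowed to push more
     * bytes into the buffer than the client asked for. Without this line
     * memcpy would write past the end of a `requested`-sized heap buffer. */
    if (count > requested)
        return -1;
    if (reply_len - i < count)
        return -1;                              /* payload shorter than announced */

    memcpy(buf, reply + i, count);
    return (long)count;
}

int main(void)
{
    unsigned char buf[16];
    /* Constructed replies: a well-formed one and an oversized one. */
    const unsigned char good[] = "A5\nhello";
    const unsigned char oversized[] = "A64\nxx";
    printf("good: %ld\n", rmt_read_checked(good, sizeof good - 1, buf, sizeof buf));
    printf("oversized: %ld\n", rmt_read_checked(oversized, sizeof oversized - 1, buf, sizeof buf));
    return 0;
}
```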
The original advisory has a nice explanation: http://www.agrs.tu-berlin.de/index.php?id=78327
FYI: bug 309001 shouldn't be a blocker because vapier added a workaround in 1.23-r2
Okay, thanks, we'll move forward then. Arches, please test and mark stable: =app-arch/tar-1.23-r2 Target keywords: "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
x86 stable
*** Bug 304191 has been marked as a duplicate of this bug. ***
ppc64 stable
Stable for HPPA.
alpha/arm/ia64/m68k/s390/sh/sparc stable
amd64 stable
Marked ppc stable.
Thanks, folks. GLSA request filed.
This issue was resolved and addressed in GLSA 201111-11 at http://security.gentoo.org/glsa/glsa-201111-11.xml by GLSA coordinator Alex Legler (a3li).