A deadlock vulnerability was found in 'github.com/containers/storage' in
versions before 1.28.1. When a container image is processed, each layer is
unpacked using `tar`. If one of those layers is not a valid `tar` archive
this causes an error leading to an unexpected situation where the code
indefinitely waits for the tar unpacked stream, which never finishes. An
attacker could use this vulnerability to craft a malicious image, which when
downloaded and stored by an application using containers/storage, would then
cause a deadlock leading to a Denial of Service (DoS).