Launchpad CVE tracker

CVE 2011-5325

Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.

Related bugs and status

CVE-2011-5325 (Candidate) is related to these bugs:

Bug #1737662: Unable to install ubuntu1804 build with Debootstrap warning on witherspoon system

		In	Importance	Status
1737662	Unable to install ubuntu1804 build with Debootstrap warning on witherspoon system	busybox (Ubuntu)	Undecided	Fix Released
1737662	Unable to install ubuntu1804 build with Debootstrap warning on witherspoon system	The Ubuntu-power-systems project	Critical	Fix Released
1737662	Unable to install ubuntu1804 build with Debootstrap warning on witherspoon system	debian-installer (Ubuntu)	Undecided	Fix Released

Bug #1753572: cpio in Busybox 1.27 ingnores "unsafe links"

		In	Importance	Status
1753572	cpio in Busybox 1.27 ingnores "unsafe links"	busybox (Ubuntu)	Undecided	Fix Released
1753572	cpio in Busybox 1.27 ingnores "unsafe links"	debirf (Ubuntu)	Undecided	Confirmed
1753572	cpio in Busybox 1.27 ingnores "unsafe links"	busybox (Ubuntu Bionic)	Undecided	Fix Released
1753572	cpio in Busybox 1.27 ingnores "unsafe links"	debirf (Ubuntu Bionic)	Undecided	Confirmed
1753572	cpio in Busybox 1.27 ingnores "unsafe links"	busybox (Ubuntu Cosmic)	Undecided	Fix Released
1753572	cpio in Busybox 1.27 ingnores "unsafe links"	debirf (Ubuntu Cosmic)	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2011-5325

References