Security Advisories (1)

CVE-2018-12015 (2018-06-12)

In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.

NAME

ptardiff - program that diffs an extracted archive against an unextracted one

DESCRIPTION

ptardiff is a small program that diffs an extracted archive
against an unextracted one, using the perl module Archive::Tar.

This effectively lets you view changes made to an archives contents.

Provide the progam with an ARCHIVE_FILE and it will look up all
the files with in the archive, scan the current working directory
for a file with the name and diff it against the contents of the
archive.

SYNOPSIS

ptardiff ARCHIVE_FILE
ptardiff -h

$ tar -xzf Acme-Buffy-1.3.tar.gz
$ vi Acme-Buffy-1.3/README
[...]
$ ptardiff Acme-Buffy-1.3.tar.gz > README.patch

OPTIONS

h   Prints this help message

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

NAME

DESCRIPTION

SYNOPSIS

OPTIONS

SEE ALSO

Module Install Instructions

Keyboard Shortcuts