Package "node-tar"

Name:	node-tar
Description:	read and write portable tar archives module for Node.js
Latest version:	6.2.1+ds1+~cs6.1.13-10
Release:	resolute (26.04)
Level:	proposed
Repository:	universe
Homepage:	https://github.com/isaacs/node-tar

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "node-tar"

All arch deb package

APT INSTALL

Other versions of "node-tar" in Resolute

Repository	Area	Version
base	universe	6.2.1+ds1+~cs6.1.13-7

Changelog

Version: 6.2.1+ds1+~cs6.1.13-10 2026-04-18 11:08:43 UTC

node-tar (6.2.1+ds1+~cs6.1.13-10) unstable; urgency=medium * Team upload * Add patches for CVE-2026-24842 and CVE-2026-31802 (both introduced into 6.2.1+ds1+~cs6.1.13-6 with upstream patch to fix CVE-2026-23745) -- Xavier Guimard <email address hidden> Tue, 24 Mar 2026 12:02:57 +0100

CVE-2026-24842	node-tar,a Tar for Node.js, contains a vulnerability in versions prior to 7.5.7 where the security check for hardlink entries uses different path res
CVE-2026-31802	node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm) can be tricked into creating a symlink that points outside the extrac
CVE-2026-23745	node-tar is a Tar for Node.js. The node-tar library (<= 7.5.2) fails to sanitize the linkpath of Link (hardlink) and SymbolicLink entries when preser

About - Send Feedback to @ubuntu_updates

Package "node-tar"

Links

Download "node-tar"

Other versions of "node-tar" in Resolute

Changelog

Share this page

Bookmarks

Latest updates

proposed

base

PPA updates