Skip to content

vendor: github.com/vbatts/tar-split v0.12.2 #6351

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tonistiigi merged 1 commit into from
Nov 11, 2025
Merged

vendor: github.com/vbatts/tar-split v0.12.2 #6351

tonistiigi merged 1 commit into from
Nov 11, 2025

Conversation

@thaJeztah
Copy link
Member

@thaJeztah thaJeztah commented Nov 11, 2025

  • archive/tar: set a limit on the size of GNU sparse file 1.0 regions
  • fixes CVE-2025-58183

full diff: vbatts/tar-split@v0.12.1...v0.12.2

@thaJeztah
vendor: github.com/vbatts/tar-split v0.12.2
c3fd6a3 
- archive/tar: set a limit on the size of GNU sparse file 1.0 regions
- fixes CVE-2025-58183

full diff: vbatts/tar-split@v0.12.1...v0.12.2

Signed-off-by: Sebastiaan van Stijn <[email protected]>
@github-actions github-actions bot added the area/dependencies Pull requests that update a dependency file label Nov 11, 2025
@tonistiigi tonistiigi added this to the v0.26.0 milestone Nov 11, 2025
@tonistiigi tonistiigi merged commit cc2d332 into moby:master Nov 11, 2025
199 of 201 checks passed
@thaJeztah thaJeztah deleted the bump_tarsplit branch November 11, 2025 18:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tonistiigi tonistiigi tonistiigi approved these changes

Assignees

@thaJeztah thaJeztah

Labels

area/dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

v0.26.0

Development

Successfully merging this pull request may close these issues.

2 participants

@thaJeztah @tonistiigi