CVE-2016-6321 Ubuntu Security Notification for Tar Vulnerability (USN-3132-1)

It was discovered that tar incorrectly handled extracting files when path names are specified on the command line.

If a user or automated system were tricked into processing a specially crafted archive, an attacker could possibly overwrite arbitrary files.

Refer to Ubuntu advisory USN-3132-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3132-1: 14.04 (Kylin) on src (tar)

USN-3132-1: 16.10 (Yakkety) on src (tar)

USN-3132-1: 16.04 (Xenial) on src (tar)

USN-3132-1: 12.04 (Precise) on src (tar)