Comment 14 for bug 894755

Submitter: James E. Blair (<email address hidden>)
Branch: stable/diablo

 tag in-stable-diablo

commit 76363226bd8533256f7795bba358d7f4b8a6c9e6
Author: Thierry Carrez <email address hidden>
Date: Thu Dec 1 17:54:16 2011 +0100

    Sanitize EC2 manifests and image tarballs

    Prevent potential directory traversal with malicious EC2 image tarballs,
    by making sure the tarfile is safe before unpacking it. Fixes bug 894755

    Prevent potential directory traversal with malicious file names in
    EC2 image manifests. Fixes bug 885167

    (cherry picked from commit ad3241929ea00569c74505ed002208ce360c667e)

    Change-Id: If6109047307bd6e654ee9d1254f0d7f31cf741c1