https://bugzilla.redhat.com/show_bug.cgi?id=1588760
--- Doc Text *updated* by Eric Christensen sparks@redhat.com --- It was found that the Archive::Tar module did not properly sanitize symbolic links when extracting tar archives. An attacker, able to provide a specially crafted archive for processing, could use this flaw to write or overwrite arbitrary files in the context of the Perl interpreter.