perl: Directory traversal in Archive::Tar (CVE-2018-12015)
In Perl through 5.26.2, the Archive::Tar module allows remote attackers
to bypass a directory-traversal protection mechanism,
and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
(from redmine: issue id 8981, created on 2018-06-12, closed on 2018-07-30)