It was discovered that tar-rs embedded in rustc incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to modify permissions of arbitrary directories outside the extraction root, and possibly escalate privileges.
1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.11.62.1+dfsg1-1ubuntu0.22.04.31.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.11.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.11.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.11.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.11.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.11.81.0+dfsg0ubuntu0-0ubuntu0.22.04.11.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.11.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1