ec31e85c-a35c-494f-805f-21a63c135c1b

I've tested Lars's patch against my collection of sly tarballs: https://github.com/jwilk/path-traversal-samples SafeTarFile defeated most, but not all attacks. It still allows directory traversal for these two tarfile: 1) https://github.com/jwilk/path-traversal-samples/releases/download/0/dirsymlink2a.tar lrwxrwxrwx...