Warn about possible risks when extracting untrusted archives.
diff --git a/Doc/lib/libtarfile.tex b/Doc/lib/libtarfile.tex
index b33ac60..d173164 100644
--- a/Doc/lib/libtarfile.tex
+++ b/Doc/lib/libtarfile.tex
@@ -207,6 +207,12 @@
problems: A directory's modification time is reset each time a file is
created in it. And, if a directory's permissions do not allow writing,
extracting files to it will fail.
+ \begin{notice}[warning]
+ Never extract archives from untrusted sources without prior inspection.
+ It is possible that files are created outside of \var{path}, e.g. members
+ that have absolute filenames starting with \code{"/"} or filenames with
+ two dots \code{".."}.
+ \end{notice}
\versionadded{2.5}
\end{methoddesc}
@@ -221,6 +227,10 @@
archive there are some issues you must take care of yourself. See the
description for \method{extractall()} above.
\end{notice}
+
+ \begin{notice}[warning]
+ See the warning for \method{extractall()}.
+ \end{notice}
\end{methoddesc}
\begin{methoddesc}{extractfile}{member}