FreeBSD-SA-07:05.libarchive - Errors handling corrupt tar files in libarchive(3)

So, it has been a while since the last FreeBSD-SA, but here we are...

I. Background

The libarchive library provides a flexible interface for reading and
writing streaming archive files such as tar and cpio, and has been the
basis for FreeBSD's implementation of the tar(1) utility since FreeBSD 5.3.

III. Impact

An attacker who can cause a corrupt archive of his choice to be parsed
by libarchive, including by having "tar -x" (extract) or "tar -t" (list
entries) run on it, can cause libarchive to enter an infinite loop, to
core dump, or possibly to execute arbitrary code provided by the
attacker.

http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1485

So, as the SA says, either upgrade to a fixed version, or apply the patch and rebuild the affected files.