Fix CVE-2007-4559 warnings in RHEL tar extraction.

[leander-dsouza]

Basic Info

Info	Please fill out this column
Ticket(s) this addresses	resolves #61
Primary OS tested on	RHEL Docker
Is this a breaking change?	No
Does this PR contain AI generated software?	No

---

Description of contribution in a few bullet points

• Added a basic safety check to prevent tar files from extracting files that can have the ability to navigate other paths (For instance, paths having /home/user/../etc/passwd as their filename.

• This feature is automatically built in Python 3.12 as filter = 'data', and is ported back to earlier supported versions as well.

• This bug is a known security issue as CVE-2007-4559 in the National Institute of Standards and Technology (NIST) as a Medium vulnerability.

Description of how this change was tested

• You can use the following Dockerfile for RHEL 10:

  # Use the official RHEL 10 base image
  FROM registry.access.redhat.com/ubi10/ubi:latest
  
  # Update system and install basic packages
  RUN dnf update -y && \
      dnf install -y \
      git && \
      dnf clean all
  
  # Configure git global settings
  RUN git config --global --add init.defaultBranch main && \
      git config --global --add advice.detachedHead true
  
  # Set working directory
  WORKDIR /workspace
  
  # Clone the vcs2l repository
  RUN git clone -b leander-dsouza/fix-rhel-tar-warn https://github.com/ros-infrastructure/vcs2l.git
  
  # Run the tests
  RUN cd vcs2l && \
      python3 -m venv venv && \
      . venv/bin/activate && \
      pip3 install .[test] && \
      pytest -s -v test

• Run all the tests in the Docker container:

  docker build -t vcs2l-test . 

[cottsay]

Sweet and simple, thanks!