[ubuntu/focal-updates] ark 4:19.12.3-0ubuntu1.2 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Sep 1 20:28:14 UTC 2020

ark (4:19.12.3-0ubuntu1.2) focal-security; urgency=medium

  * SECURITY UPDATE: maliciously crafted TAR archive with symlinks can
    install files outside the extraction directory. (LP: #1893465)
    - 002-CVE-2020-24654-tar-symlinks-outside-extraction-directory.patch
    - CVE-2020-24654
    - Thanks to Fabian Vogt for reporting this issue and for fixing it.

Date: 2020-09-01 17:08:20.628747+00:00
Changed-By: vishnunaini <vishnu at vishnunaini.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Focal-changes mailing list