[ubuntu/groovy-proposed] ark 4:20.08.1-0ubuntu1 (Accepted)
Rik Mills
rikmills at kde.org
Tue Sep 1 07:50:11 UTC 2020
ark (4:20.08.1-0ubuntu1) groovy; urgency=medium
* New upstream release (20.08.1)
* SECURITY UPDATE: Maliciously crafted TAR archive with symlinks can
install files outside the extraction directory. (LP: #1893465)
- CVE-2020-24654
- Thanks to Fabian Vogt for reporting this issue and for fixing it.
Date: Tue, 01 Sep 2020 08:48:18 +0100
Changed-By: Rik Mills <rikmills at kde.org>
Maintainer: Debian/Kubuntu Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>
https://launchpad.net/ubuntu/+source/ark/4:20.08.1-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 01 Sep 2020 08:48:18 +0100
Source: ark
Binary: ark
Architecture: source
Version: 4:20.08.1-0ubuntu1
Distribution: groovy
Urgency: medium
Maintainer: Debian/Kubuntu Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>
Changed-By: Rik Mills <rikmills at kde.org>
Description:
ark - archive utility
Launchpad-Bugs-Fixed: 1893465
Changes:
ark (4:20.08.1-0ubuntu1) groovy; urgency=medium
.
* New upstream release (20.08.1)
* SECURITY UPDATE: Maliciously crafted TAR archive with symlinks can
install files outside the extraction directory. (LP: #1893465)
- CVE-2020-24654
- Thanks to Fabian Vogt for reporting this issue and for fixing it.
Checksums-Sha1:
66395e4523f77fe153c14c1448e707fc48c3cb7e 2679 ark_20.08.1-0ubuntu1.dsc
8be2b8e52e9e79d7861df647b8a810ea6edc31a0 2709500 ark_20.08.1.orig.tar.xz
6a6e45d2bd6106531a07d08ec84a916fd6a1c2f0 15192 ark_20.08.1-0ubuntu1.debian.tar.xz
1cd8fc18417d3c8298cd62375d89ab6dd7dba2b2 32302 ark_20.08.1-0ubuntu1_source.buildinfo
Checksums-Sha256:
803c54c146fc977d61d24690634ebe7b124689f566502dadbf2b35683c9ddd88 2679 ark_20.08.1-0ubuntu1.dsc
32e8546b186b88efc9d4688e02def0b6225d921f9b92cfcd328417f09ec0f725 2709500 ark_20.08.1.orig.tar.xz
dfd9955a2df454c0b22d72d8c4af6541c90063faf42c2bfcd0395765ce58b095 15192 ark_20.08.1-0ubuntu1.debian.tar.xz
b3f9800c2973afaef098bd9c56068fa133b02df594ae1b7ca616faa92e798726 32302 ark_20.08.1-0ubuntu1_source.buildinfo
Files:
df3ddb687c9be9f829a3f06cbb1fbb0d 2679 kde optional ark_20.08.1-0ubuntu1.dsc
2c557f4d866747854372cef17143d04d 2709500 kde optional ark_20.08.1.orig.tar.xz
09859ca302b07066631e9440d2500f53 15192 kde optional ark_20.08.1-0ubuntu1.debian.tar.xz
57a27d67e438a4b21e8c92d609e98eea 32302 kde optional ark_20.08.1-0ubuntu1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEEDMvPrK69u5wsjzS2IqBL75FoutUFAl9N/MgRHHJpa21pbGxz
QGtkZS5vcmcACgkQIqBL75FoutUzxg/+MvqU8GkDaTDAB+oMjH2Xrpi9TmWIEsYv
luCHm3JdD1x5Kog/I13gp5n1BftJUthIOxhZll3179Ovw3tmezUO+L7qevHIlsNr
pWOJD9ZBlNr89DT6vnV8BEeKkE5wlYneN274kYnaodEWpVlEzoen9ZMfubMhEbqN
Q31pWrYDa5yxlBgmEJorYdgyavzn633k/qhKLPgv5VBURNCGQEBeEhI6NM78MeHz
KQzRYOCQoKj7VLmM4LD89iuGLMFwFdhp8yY9aUgOE9EVQlI/WLfdaI4Ze635cecd
f8WtW8zpHAXaPVshIPrJpKlTmiJC7gDgg143gQDSPieRc1ka4Sl1lsPfcZ+82DC6
Fehu56D6+I2vl1uaxTGQ+/BPVSB4SU8KlZfFhH6LEpPlDNu5HeDzbZtYTUSRlbwU
gh7pQvqv2vYXyBOSRDLWANfyc5nuhLCh3MV10cxr1PX9SnSlVlrOfSnj4UZsvYwP
62bCpZjGkOFu7sk4t2qYtTVnO5fI4pgIxTSecWPoeETXBpmAXa2T3laMSCAP3w5o
9imKXBBS/PZSmQpcBLid5I3zoSik5sOBe2f7iVvnhDgZ+07yeJxRTr3KCWqgENxu
VUoqQO+DeyM9loZVlO7OEnkPK/0gCICpUP7xlWtLmewmTWv32w6hLpp77jaOpKMB
C1WPvSgeOtU=
=Nj0g
-----END PGP SIGNATURE-----
More information about the Groovy-changes
mailing list