[Bug 1889672] Re: KDE Project Security Advisory: Ark: maliciously crafted archive can install files outside the extraction directory.

Steve Beattie 1889672 at bugs.launchpad.net
Thu Aug 6 06:57:49 UTC 2020


Thanks for preparing the debdiff and adding the ubuntu-security-sponsors
account; I'll be taking a look at this.

I've pushed the focal version to the ubuntu security proposed ppa
(https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa)
after adjusting the version to match the versioning scheme described at
https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging
and tweaking the changelog message.

I don't suppose upstream added any tests to verify correct behavior?

-- 
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to ark in Ubuntu.
https://bugs.launchpad.net/bugs/1889672

Title:
  KDE Project Security Advisory: Ark: maliciously crafted archive can
  install files outside the extraction directory.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ark/+bug/1889672/+subscriptions




More information about the kubuntu-bugs mailing list