[Bug 1889672] Re: KDE Project Security Advisory: Ark: maliciously crafted archive can install files outside the extraction directory.
Steve Beattie
1889672 at bugs.launchpad.net
Thu Aug 6 06:57:49 UTC 2020
Thanks for preparing the debdiff and adding the ubuntu-security-sponsors
account; I'll be taking a look at this.
I've pushed the focal version to the ubuntu security proposed ppa
(https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa)
after adjusting the version to match the versioning scheme described at
https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging
and tweaking the changelog message.
I don't suppose upstream added any tests to verify correct behavior?
--
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to ark in Ubuntu.
https://bugs.launchpad.net/bugs/1889672
Title:
KDE Project Security Advisory: Ark: maliciously crafted archive can
install files outside the extraction directory.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ark/+bug/1889672/+subscriptions
More information about the kubuntu-bugs
mailing list