[ubuntu/trusty-updates] extplorer 2.1.0b6+dfsg.3-4+deb7u4build0.14.04.1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Aug 22 17:28:11 UTC 2016


extplorer (2.1.0b6+dfsg.3-4+deb7u4build0.14.04.1) trusty-security; urgency=medium

  * fake sync from Debian

extplorer (2.1.0b6+dfsg.3-4+deb7u4) wheezy-security; urgency=high

  * CVE-2016-4313: Fix archive traversal exploit in .zip extraction. The
    unzip/extract feature allowed for path traversal as decompressed files can
    be placed outside of the intended target directory if the archive content
    contained "../" characters.

Date: 2016-08-20 00:08:13.301900+00:00
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/extplorer/2.1.0b6+dfsg.3-4+deb7u4build0.14.04.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list