Описание
Security update for p7zip
This update fixes the following security issue:
- CVE-2015-1038: directory traversal vulnerability [bnc#912878]
This could for the overwriting of arbitrary files through uncompressing a crafted archive, with the privileges of the user running 7z
Список пакетов
SUSE Linux Enterprise Desktop 12
p7zip-9.20.1-3.2
SUSE Linux Enterprise Server 12
p7zip-9.20.1-3.2
SUSE Linux Enterprise Server for SAP Applications 12
p7zip-9.20.1-3.2
Ссылки
- Link for SUSE-SU-2015:1433-1
- E-Mail link for SUSE-SU-2015:1433-1
- SUSE Security Ratings
- SUSE Bug 912878
- SUSE CVE CVE-2015-1038 page
Описание
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:p7zip-9.20.1-3.2
SUSE Linux Enterprise Server 12:p7zip-9.20.1-3.2
SUSE Linux Enterprise Server for SAP Applications 12:p7zip-9.20.1-3.2
Ссылки
- CVE-2015-1038
- SUSE Bug 912878