Описание
Security update for ark
This update for ark fixes the following issues:
- Fixed a directory traversal bug (boo#1174773, CVE-2020-16116).
Список пакетов
SUSE Package Hub 15 SP1
ark-20.04.2-bp152.2.3.1
ark-lang-20.04.2-bp152.2.3.1
libkerfuffle18-18.12.3-bp151.3.3.1
libkerfuffle20-20.04.2-bp152.2.3.1
SUSE Package Hub 15 SP2
ark-20.04.2-bp152.2.3.1
ark-lang-20.04.2-bp152.2.3.1
libkerfuffle18-18.12.3-bp151.3.3.1
libkerfuffle20-20.04.2-bp152.2.3.1
openSUSE Leap 15.1
ark-20.04.2-bp152.2.3.1
ark-lang-20.04.2-bp152.2.3.1
libkerfuffle18-18.12.3-bp151.3.3.1
libkerfuffle20-20.04.2-bp152.2.3.1
openSUSE Leap 15.2
ark-20.04.2-bp152.2.3.1
ark-lang-20.04.2-bp152.2.3.1
libkerfuffle18-18.12.3-bp151.3.3.1
libkerfuffle20-20.04.2-bp152.2.3.1
Ссылки
- E-Mail link for openSUSE-SU-2020:1183-1
- SUSE Security Ratings
- SUSE Bug 1174773
- SUSE CVE CVE-2020-16116 page
Описание
In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.
Затронутые продукты
SUSE Package Hub 15 SP1:ark-20.04.2-bp152.2.3.1
SUSE Package Hub 15 SP1:ark-lang-20.04.2-bp152.2.3.1
SUSE Package Hub 15 SP1:libkerfuffle18-18.12.3-bp151.3.3.1
SUSE Package Hub 15 SP1:libkerfuffle20-20.04.2-bp152.2.3.1
Ссылки
- CVE-2020-16116
- SUSE Bug 1174773