Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2023:0424-1

Опубликовано: 30 дек. 2023
Источник: suse-cvrf

Описание

Security update for deepin-compressor

This update for deepin-compressor fixes the following issues:

  • CVE-2023-50255: Fix Zip Path Traversal (boo#1218428)

Список пакетов

SUSE Package Hub 15 SP4
deepin-compressor-5.12.2-bp154.2.3.1
deepin-compressor-lang-5.12.2-bp154.2.3.1
openSUSE Leap 15.4
deepin-compressor-5.12.2-bp154.2.3.1
deepin-compressor-lang-5.12.2-bp154.2.3.1

Ссылки

Описание

Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version 5.12.21 which addresses the issue. There are no known workarounds for this vulnerability.

Затронутые продукты
SUSE Package Hub 15 SP4:deepin-compressor-5.12.2-bp154.2.3.1
SUSE Package Hub 15 SP4:deepin-compressor-lang-5.12.2-bp154.2.3.1
openSUSE Leap 15.4:deepin-compressor-5.12.2-bp154.2.3.1
openSUSE Leap 15.4:deepin-compressor-lang-5.12.2-bp154.2.3.1
Ссылки