Описание
Security update for ark
This update for ark fixes the following issues:
- CVE-2024-57966: Disable extraction to absolute path from an archive (boo#1236737)
Список пакетов
SUSE Package Hub 15 SP6
ark-23.08.5-bp156.2.3.1
ark-lang-23.08.5-bp156.2.3.1
libkerfuffle23-23.08.5-bp156.2.3.1
openSUSE Leap 15.6
ark-23.08.5-bp156.2.3.1
ark-lang-23.08.5-bp156.2.3.1
libkerfuffle23-23.08.5-bp156.2.3.1
Ссылки
- E-Mail link for openSUSE-SU-2025:0090-1
- SUSE Security Ratings
- SUSE Bug 1236737
- SUSE CVE CVE-2024-57966 page
Описание
libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive.
Затронутые продукты
SUSE Package Hub 15 SP6:ark-23.08.5-bp156.2.3.1
SUSE Package Hub 15 SP6:ark-lang-23.08.5-bp156.2.3.1
SUSE Package Hub 15 SP6:libkerfuffle23-23.08.5-bp156.2.3.1
openSUSE Leap 15.6:ark-23.08.5-bp156.2.3.1
Ссылки
- CVE-2024-57966
- SUSE Bug 1236737