UbuntuUpdates.org

Package "file-roller"

Name: file-roller

Description:

archive manager for GNOME

Latest version: 3.36.3-0ubuntu1.1
Release: focal (20.04)
Level: updates
Repository: main
Homepage: https://wiki.gnome.org/Apps/FileRoller

Links


Download "file-roller"


Other versions of "file-roller" in Focal

Repository Area Version
base main 3.36.1-1
security main 3.36.3-0ubuntu1.1

Changelog

Version: 3.36.3-0ubuntu1.1 2021-04-26 15:07:34 UTC

  file-roller (3.36.3-0ubuntu1.1) focal-security; urgency=medium

  * SECURITY UPDATE: Directory Traversal
    - debian/patches/CVE-2020-36314.patch: skip files with symlinks in
      parents in src/fr-archive-libarchive.c.
    - CVE-2020-36314

 -- Leonidas Da Silva Barbosa <email address hidden> Fri, 09 Apr 2021 14:11:50 -0300

Source diff to previous version
CVE-2020-36314 fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction

Version: 3.36.3-0ubuntu1 2020-10-12 10:06:57 UTC

  file-roller (3.36.3-0ubuntu1) focal; urgency=medium

  * New stable update (lp: #1897170)

 -- Sebastien Bacher <email address hidden> Thu, 24 Sep 2020 20:53:08 +0200

Source diff to previous version
1897170 SRU the current 3.36.3 stable update

Version: 3.36.2-0ubuntu1 2020-05-12 19:07:45 UTC

  file-roller (3.36.2-0ubuntu1) focal; urgency=medium

  * New stable update (lp: #1875589)
  * debian/patches/CVE-2020-11736.patch:
    - removed, included in the new version

 -- Sebastien Bacher <email address hidden> Tue, 28 Apr 2020 10:48:21 +0200

Source diff to previous version
1875589 SRU the current 3.36.2 stable update
CVE-2020-11736 fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's

Version: 3.36.1-1ubuntu0.1 2020-04-28 22:44:06 UTC

  file-roller (3.36.1-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Directory traversal
    - debian/patches/CVE-2020-11736.patch: do not follow external
      links when extracting files in src/fr-archive-libarchive.c.
    - CVE-2020-11736

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 27 Apr 2020 09:22:51 -0300

CVE-2020-11736 fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's



About   -   Send Feedback to @ubuntu_updates