UbuntuUpdates.org

Package "ark"

Name: ark

Description:

archive utility

Latest version: 4:15.12.3-0ubuntu1.2
Release: xenial (16.04)
Level: updates
Repository: universe
Homepage: http://www.kde.org/

Links


Download "ark"


Other versions of "ark" in Xenial

Repository Area Version
base universe 4:15.12.3-0ubuntu1
security universe 4:15.12.3-0ubuntu1.2
PPA: Kubuntu-ppa Backports 4:16.04.3a-0ubuntu2.1~ubuntu16.04~ppa1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4:15.12.3-0ubuntu1.2 2020-09-01 21:06:16 UTC

  ark (4:15.12.3-0ubuntu1.2) xenial-security; urgency=medium

  * SECURITY UPDATE: maliciously crafted TAR archive with symlinks can
    install files outside the extraction directory. (LP: #1893465)
    - 002-CVE-2020-24654-tar-symlinks-outside-extraction-directory.patch
    - CVE-2020-24654
    - Thanks to Fabian Vogt for reporting this issue and for fixing it.

 -- Eduardo Barretto <email address hidden> Tue, 01 Sep 2020 11:31:33 -0300

Source diff to previous version
1893465 KDE Project Security Advisory: Ark: maliciously crafted TAR archive with symlinks can install files outside the extraction directory.
CVE-2020-24654 RESERVED

Version: 4:15.12.3-0ubuntu1.1 2017-01-21 03:07:03 UTC

  ark (4:15.12.3-0ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Stop running executables when opening urls (LP: #1655507)
    - debian/patches/00_disable_open_functionality.patch
    - CVE-2017-5530

 -- Clive Johnston <email address hidden> Wed, 11 Jan 2017 16:42:19 +0000

1655507 CVE-2017-5330 - Ark: unintended execution of scripts and executable files



About   -   Send Feedback to @ubuntu_updates