Advertisement
GStreamer Conference 2013, 22-23 Oct, Edinburgh
GStreamer, Embedded Linux, Android, VoD, Smooth Streaming, DRM, RTSP, HEVC, PulseAudio, OpenGL. Register now to attend.
| |||||||||||||||||||
Ubuntu alert USN-1906-1 (file-roller)
========================================================================== Ubuntu Security Notice USN-1906-1 July 16, 2013 file-roller vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 13.04 - Ubuntu 12.10 Summary: File Roller could be made to create or overwrite files. Software Description: - file-roller: archive manager for GNOME Details: Yorick Koster discovered that File Roller incorrectly sanitized paths. If a user were tricked into extracting a specially-crafted archive, an attacker could create and overwrite files outside of the extraction directory. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 13.04: file-roller 3.6.3-1ubuntu4.1 Ubuntu 12.10: file-roller 3.6.1.1-0ubuntu1.2 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1906-1 CVE-2013-4668 Package Information: https://launchpad.net/ubuntu/+source/file-roller/3.6.3-1u... https://launchpad.net/ubuntu/+source/file-roller/3.6.1.1-... -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security... (Log in to post comments)
|
|||||||||||||||||||