This bug was fixed in the package ark - 4:20.08.1-0ubuntu1
--------------- ark (4:20.08.1-0ubuntu1) groovy; urgency=medium
* New upstream release (20.08.1) * SECURITY UPDATE: Maliciously crafted TAR archive with symlinks can install files outside the extraction directory. (LP: #1893465) - CVE-2020-24654 - Thanks to Fabian Vogt for reporting this issue and for fixing it.
-- Rik Mills <email address hidden> Tue, 01 Sep 2020 08:48:18 +0100
This bug was fixed in the package ark - 4:20.08.1-0ubuntu1
--------------- 1-0ubuntu1) groovy; urgency=medium
ark (4:20.08.
* New upstream release (20.08.1)
* SECURITY UPDATE: Maliciously crafted TAR archive with symlinks can
install files outside the extraction directory. (LP: #1893465)
- CVE-2020-24654
- Thanks to Fabian Vogt for reporting this issue and for fixing it.
-- Rik Mills <email address hidden> Tue, 01 Sep 2020 08:48:18 +0100