gnome-autoar: directory traversal during extraction because it lacks a check of whether a file’s parent is a symlink in certain complex situations (CVE-2021-28650). Also the previous update (Bug 28454) introduced a regression, fixed here.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 7 | noarch | gnome-autoar | <Â 0.3.1-1 | gnome-autoar-0.3.1-1.mga7 |
Mageia | 8 | noarch | gnome-autoar | <Â 0.3.1-1 | gnome-autoar-0.3.1-1.mga8 |