SUSE-SU-2025:20670-1 Security update for dpkg

This update for dpkg fixes the following issues: - CVE-2025-6297: Fixed cleanup for control member with restricted directories bsc1245573...

SUSE CVE-2025-6297

It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...

CVE-2025-6297 dpkg-deb: Fix cleanup for control member with restricted directories

It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...

PT-2025-27559

Name of the Vulnerable Software and Affected Versions: dpkg affected versions not specified Description: A issue was found in dpkg where it does not properly sanitize directory permissions when extracting a control member into a temporary directory. This may lead to temporary files being left...