Updated file-roller packages fix security vulnerability
Publication date: 21 Sep 2016Type: security
Affected Mageia releases : 5
CVE: CVE-2016-7162
Description
It was discovered that File Roller incorrectly handled symlinks. If a user were tricked into extracting a specially-crafted archive, an attacker could delete files outside of the extraction directory.
References
SRPMS
5/core
- file-roller-3.14.2-1.1.mga5