Advisories ยป MGASA-2016-0313

Updated file-roller packages fix security vulnerability

Publication date: 21 Sep 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-7162

Description

It was discovered that File Roller incorrectly handled symlinks. If a
user were tricked into extracting a specially-crafted archive, an
attacker could delete files outside of the extraction directory.
                

References

SRPMS

5/core