Updated file-roller package fixes CVE-2013-4668
Publication date: 26 Jul 2013Modification date: 26 Jul 2013
Type: security
Affected Mageia releases : 3
CVE: CVE-2013-4668
Description
Updated file-roller package fixes security vulnerability: Directory traversal vulnerability in File Roller 3.6.x before 3.6.4 when libarchive is used, allows remote attackers to create arbitrary files via a crafted archive that is not properly handled in a "Keep directory structure" action, related to fr-archive-libarchive.c and fr-window.c (CVE-2013-4668).
References
SRPMS
3/core
- file-roller-3.6.4-1.mga3