CVE-2020-11736

Priority
Description
fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows
Directory Traversal during extraction because it lacks a check of whether a
file's parent is a symlink to a directory outside of the intended
extraction location.
Assigned-to
leosilva
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (3.16.5-0ubuntu1.4)
Ubuntu 18.04 LTS (Bionic Beaver):released (3.28.0-1ubuntu1.2)
Ubuntu 19.10 (Eoan Ermine):released (3.32.2-1ubuntu0.1)
Ubuntu 20.04 LTS (Focal Fossa):released (3.36.1-1ubuntu0.1)
Ubuntu 20.10 (Groovy Gorilla):not-affected (3.36.2-1)
More Information

Updated: 2020-04-30 16:15:46 UTC (commit 117c83c0e1705b30e3118678f71411385bfcb667)