This bug was fixed in the package file-roller - 3.10.2.1-0ubuntu4.2
--------------- file-roller (3.10.2.1-0ubuntu4.2) trusty-security; urgency=medium
* SECURITY UPDATE: Path traversal flaw allows arbitrary file deletion via malicious archive (LP: #1171236) - debian/patches/CVE-2016-7162.patch: Do not follow symlinks when deleting a folder recursively. Based on upstream patch. - CVE-2016-7162
-- Tyler Hicks <email address hidden> Thu, 08 Sep 2016 09:17:49 -0500
This bug was fixed in the package file-roller - 3.10.2.1-0ubuntu4.2
--------------- 1-0ubuntu4. 2) trusty-security; urgency=medium
file-roller (3.10.2.
* SECURITY UPDATE: Path traversal flaw allows arbitrary file deletion via patches/ CVE-2016- 7162.patch: Do not follow symlinks when deleting
malicious archive (LP: #1171236)
- debian/
a folder recursively. Based on upstream patch.
- CVE-2016-7162
-- Tyler Hicks <email address hidden> Thu, 08 Sep 2016 09:17:49 -0500