This bug was fixed in the package file-roller - 3.16.5-0ubuntu1.2
--------------- file-roller (3.16.5-0ubuntu1.2) xenial-security; urgency=medium
* SECURITY UPDATE: Path traversal flaw allows arbitrary file deletion via malicious archive (LP: #1171236) - debian/patches/CVE-2016-7162.patch: Do not follow symlinks when deleting a folder recursively. Based on upstream patch. - CVE-2016-7162
-- Tyler Hicks <email address hidden> Thu, 08 Sep 2016 09:17:37 -0500
This bug was fixed in the package file-roller - 3.16.5-0ubuntu1.2
---------------
file-roller (3.16.5-0ubuntu1.2) xenial-security; urgency=medium
* SECURITY UPDATE: Path traversal flaw allows arbitrary file deletion via patches/ CVE-2016- 7162.patch: Do not follow symlinks when deleting
malicious archive (LP: #1171236)
- debian/
a folder recursively. Based on upstream patch.
- CVE-2016-7162
-- Tyler Hicks <email address hidden> Thu, 08 Sep 2016 09:17:37 -0500