A vulnerability in GNOME File Roller could lead to a directory traversal attack.
Package | app-arch/file-roller on all architectures |
---|---|
Affected versions | < 3.36.3 |
Unaffected versions | >= 3.36.3 |
File Roller is an archive manager for the GNOME desktop environment.
It was discovered that GNOME File Roller incorrectly handled symlinks.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All GNOME File Roller users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-arch/file-roller-3.36.3"
Release date
September 13, 2020
Latest revision
September 13, 2020: 1
Severity
normal
Exploitable
local, remote
Bugzilla entries