File _patchinfo of Package patchinfo.12870

<patchinfo incident="12870">
  <issue tracker="cve" id="2019-16680"/>
  <issue tracker="cve" id="2020-11736"/>
  <issue tracker="bnc" id="1169428">VUL-1: CVE-2020-11736: file-roller: directory traversal during extraction due to improper checking whether a file's parent is a symlink to a directory outside of the intended location</issue>
  <issue tracker="bnc" id="1151585">VUL-1: CVE-2019-16680: file-roller: possible path traversal via filename contained in a TAR archive</issue>
  <packager>qkzhu</packager>
  <rating>low</rating>
  <category>security</category>
  <summary>Security update for file-roller</summary>
  <description>This update for file-roller fixes the following issues:

- CVE-2020-11736: Fixed a directory traversal vulnerability due to improper checking whether a file's parent is an external symlink (bsc#1169428).
- CVE-2019-16680: Fixed a path traversal vulnerability which could have allowed
  an overwriting of a file during extraction (bsc#1151585). 
</description>
</patchinfo>
Places

File _patchinfo of Package patchinfo.12870

Places
