Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 593224 - <kde-base/kdelibs-4.14.24: Extraction of tar files possible to arbitrary system locations
Summary: <kde-base/kdelibs-4.14.24: Extraction of tar files possible to arbitrary syst...
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All All
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B3 [noglsa]
Depends on:
Reported: 2016-09-08 17:11 UTC by Arfrever Frehtes Taifersar Arahesis
Modified: 2016-09-17 00:23 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Arfrever Frehtes Taifersar Arahesis 2016-09-08 17:11:34 UTC
Fix for vulnerability in karchive (handled in bug #589054) was backported by upstream to kdelibs and released in kdelibs-4.14.24.
Comment 1 Michael Palimaka (kensington) gentoo-dev 2016-09-08 18:54:46 UTC
There's been minimal other changes since .22, so feel free to stabilise at will.
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2016-09-11 05:41:16 UTC
Arches, please test and mark stable:


Target Keywords : "amd64 x86"

Thank you!
Comment 3 Agostino Sarubbo gentoo-dev 2016-09-13 11:37:49 UTC
amd64 stable
Comment 4 Michael Palimaka (kensington) gentoo-dev 2016-09-14 15:56:57 UTC
x86 stable and cleanup done
Comment 5 Yury German Gentoo Infrastructure gentoo-dev 2016-09-16 04:03:38 UTC
Arches and Maintainer(s), Thank you for your work.

GLSA Vote: No
Closing noglsa.