*** This bug is a security vulnerability *** You have been subscribed to a public security bug:
Decompression bombs, which result from a small file being uncompressed into a bigger one, can freeze the current application such as a browser, virus scanner, search tool and create system instability. More information about this can be found here: http://www.aerasec.de/security/advisories/decompression-bomb- vulnerability.html Sorry if this is already known of/unpreventable, but it can really harm and freeze a computer, depending on the size of the compressed file. Examples are available off the previous link. Expected Behavior: An alert shown to the user, earlier termination of the application opening such file, or end in processing of that file. Actual behavior: Application freezes (ui) and eventually the whole system starts lagging. Perhaps applications should have a "maximum cpu usage allowed" or something like that? ** Affects: file-roller (Ubuntu) Importance: Undecided Status: Incomplete -- Denial of service through decompression bombs https://bugs.edge.launchpad.net/bugs/183660 You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to file-roller in ubuntu. -- desktop-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
