Source: engrampa
Version: 1.26.1-4
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>

Hi,

The following vulnerability was published for engrampa.

CVE-2023-52138[0]:
| Engrampa is an archive manager for the MATE environment. Engrampa is
| found to be vulnerable to a Path Traversal vulnerability that can be
| leveraged to achieve full Remote Command Execution (RCE) on the
| target. While handling CPIO archives, the Engrampa Archive manager
| follows symlink, cpio by default will follow stored symlinks while
| extracting and the Archiver will not check the symlink location,
| which leads to arbitrary file writes to unintended locations. When
| the victim extracts the archive, the attacker can craft a malicious
| cpio or ISO archive to achieve RCE on the target system. This
| vulnerability was fixed in commit 63d5dfa.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-52138
    https://www.cve.org/CVERecord?id=CVE-2023-52138
[1] https://github.com/mate-desktop/engrampa/commit/63d5dfa9005c6b16d0f0ccd888cc859fca78f970
[2] https://github.com/mate-desktop/engrampa/security/advisories/GHSA-c98h-v39w-3r7v

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
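Added example, not part of the report above and not engrampa's code or the change in commit 63d5dfa: a small Python scanner for newc-format ("070701") cpio archives that flags the two patterns the CVE text describes before the archive is handed to cpio, namely a stored symlink whose target resolves outside the extraction directory, and a later entry whose path passes through a symlink stored earlier in the same archive (the write that cpio would redirect by following the link). The extraction directory `/home/victim/extract` is an assumed path, and both sample archives are constructed inline for the example.

```python
"""Added example (not engrampa's code, nor the upstream fix in 63d5dfa):
a newc-cpio scanner that flags the symlink abuse CVE-2023-52138 describes,
meant to run on an untrusted archive before it is passed to cpio."""
import posixpath
import stat

MAGIC = b"070701"   # "new ASCII" (SVR4) cpio header magic
HDR_LEN = 110       # 6-byte magic + 13 fields of 8 hex digits


def _pad4(n):
    """Bytes of NUL padding that bring n up to a multiple of four."""
    return (4 - n % 4) % 4


def build_cpio(entries):
    """Build a newc archive from (name, mode, data) triples.

    Used only to construct sample input for this example; for a symlink
    entry `data` holds the link target, exactly as in a real archive.
    """
    out = bytearray()
    all_entries = list(entries) + [("TRAILER!!!", 0, b"")]
    for ino, (name, mode, data) in enumerate(all_entries, start=1):
        name_b = name.encode() + b"\0"
        # ino mode uid gid nlink mtime filesize devmaj devmin rdevmaj rdevmin namesize check
        fields = [ino, mode, 0, 0, 1, 0, len(data), 0, 0, 0, 0, len(name_b), 0]
        out += MAGIC + b"".join(b"%08x" % f for f in fields)
        out += name_b + b"\0" * _pad4(HDR_LEN + len(name_b))
        out += data + b"\0" * _pad4(len(data))
    return bytes(out)


def iter_cpio(blob):
    """Yield (name, mode, data) for each entry up to the TRAILER!!! record."""
    off = 0
    while off + HDR_LEN <= len(blob):
        if blob[off:off + 6] != MAGIC:
            raise ValueError("not a newc cpio header at offset %d" % off)
        fields = [int(blob[off + 6 + 8 * i:off + 14 + 8 * i], 16) for i in range(13)]
        mode, filesize, namesize = fields[1], fields[6], fields[11]
        name_start = off + HDR_LEN
        name = blob[name_start:name_start + namesize - 1].decode(errors="replace")
        data_start = name_start + namesize + _pad4(HDR_LEN + namesize)
        data = blob[data_start:data_start + filesize]
        off = data_start + filesize + _pad4(filesize)
        if name == "TRAILER!!!":
            return
        yield name, mode, data


def find_traversal(blob, dest="/home/victim/extract"):
    """Return (entry name, reason) pairs for entries that would land outside dest.

    Catches absolute or '..' entry paths, stored symlinks whose target
    resolves outside dest, and entries written through an earlier stored
    symlink (the write cpio would redirect). `dest` is an assumed path.
    """
    dest = posixpath.normpath(dest)
    links = {}  # archive path of a stored symlink -> resolved absolute target
    findings = []
    for name, mode, data in iter_cpio(blob):
        norm = posixpath.normpath(name)
        if posixpath.isabs(norm) or norm == ".." or norm.startswith("../"):
            findings.append((name, "entry path escapes destination"))
            continue
        parts = norm.split("/")
        for i in range(1, len(parts)):  # every ancestor of this entry
            parent = "/".join(parts[:i])
            if parent in links:
                findings.append((name, "written through symlink %s -> %s"
                                 % (parent, links[parent])))
                break
        if stat.S_ISLNK(mode):
            target = data.decode(errors="replace")
            # join() discards dest when target is absolute, as the kernel would
            resolved = posixpath.normpath(
                posixpath.join(dest, posixpath.dirname(norm), target))
            links[norm] = resolved
            if not (resolved == dest or resolved.startswith(dest + "/")):
                findings.append((name, "symlink target outside destination: " + target))
    return findings


# Constructed sample archives, not taken from the advisory.
MALICIOUS = build_cpio([
    ("evil", 0o120777, b"../../outside"),          # symlink escaping dest
    ("evil/dropped.txt", 0o100644, b"payload\n"),  # file written through it
])
BENIGN = build_cpio([
    ("docs", 0o040755, b""),
    ("docs/readme.txt", 0o100644, b"hello\n"),
    ("docs/latest", 0o120777, b"readme.txt"),      # symlink that stays inside
])

if __name__ == "__main__":
    for label, blob in (("malicious", MALICIOUS), ("benign", BENIGN)):
        print(label, find_traversal(blob) or "no findings")
```

The scan is deliberately order-aware: the link map is filled as entries are read, so a file that appears after the symlink it traverses is reported even though its own path contains no `..` or leading `/`. A real extractor would additionally have to refuse to follow symlinks that already exist on disk in the destination, which this static scan cannot see.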