[Expired for kde-runtime (Ubuntu) because there has been no activity for
60 days.]
** Changed in: kde-runtime (Ubuntu)
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to kde-runtime in Ubuntu.
This bug was fixed in the package ark - 4:20.04.3-1
---
ark (4:20.04.3-1) unstable; urgency=medium
* Team upload.
* New upstream release.
* Backport upstream commit 0df592524fed305d6fbe74ddf8a196bc9ffdb92f to fix
vulnerability to path traversal attacks (CVE-2020-16116);
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-16116
--
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to ark in Ubuntu.
https://bugs.launchpad.net/bugs/1889672
Title:
KDE Project Security Advisory: Ark: maliciously crafted
The attachment "debdiff/patch for focal. Directly backportable to
earlier variants" seems to be a debdiff. The ubuntu-sponsors team has
been subscribed to the bug report so that they can review and hopefully
sponsor the debdiff. If the attachment isn't a patch, please remove the
"patch" flag
** Also affects: ark (Ubuntu Groovy)
Importance: Undecided
Status: New
** Also affects: ark (Ubuntu Focal)
Importance: Undecided
Status: New
** Changed in: ark (Ubuntu Groovy)
Status: New => In Progress
** Changed in: ark (Ubuntu Groovy)
Importance: Undecided =>
Public bug reported:
Right now the queue is full of builds that are doing
Renaming libkf5emoticons-bin-dbgsym_5.72.0-0ubuntu1_arm64.deb to
libkf5emoticons-bin-dbgsym_5.72.0-0ubuntu1_arm64.ddeb
dpkg-deb: building package 'libkf5emoticons-data' in
Has there been a regression? I'm seeing the same behaviour.
=== system ===
Operating System: Kubuntu 20.04
KDE Plasma Version: 5.18.5
KDE Frameworks Version: 5.68.0
Qt Version: 5.12.8
Kernel Version: 5.7.11-050711-generic
OS Type: 64-bit
=== xev output ===
KeyPress event, serial 40, synthetic
