| Package | ark |
|---|---|
| Version | 4:18.08.3-1+deb10u3 (buster) |
| Related CVEs | CVE-2024-57966 |
A flaw was discovered in ark, an archive utility for the KDE platform. Ark extracted archives with absolute paths to the corresponding location on the user’s file system. Absolute paths are now treated as relative paths to prevent overwriting of sensitive information.
For Debian 10 buster, these problems have been fixed in version 4:18.08.3-1+deb10u3.
We recommend that you upgrade your ark packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.