| Package | plexus-archiver |
|---|---|
| Version | 1.0~alpha12-3+deb7u1 |
| Related CVEs | CVE-2018-1002200 |
An arbitrary file write vulnerability was discovered in plexus-archiver, the archiver plugin for the Plexus modular compiler system.
A specially-crafted .zip file could overwrite any file on disk, leading
to a privilege esclation.
For Debian 7 Wheezy, these problems have been fixed in version 1.0~alpha12-3+deb7u1.
We recommend that you upgrade your plexus-archiver packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.