Package: zoo Version: 2.10-12 Severity: important Tags: security zoo suffers from a directory traversal bug. When unpacking .zoo archives, there's no check for "../.." constructs in the file names, which makes it possible to unpack to arbitrary locations in the file system.
unzoo was affected, too. Please see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=306164 for more information. Thomas -- Weitersagen: GMX DSL-Flatrates mit Tempo-Garantie! Ab 4,99 Euro/Monat: http://www.gmx.net/de/go/dsl -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
