USN-4764-1: GLib vulnerability
15 March 2021
GLib could be made to create files if it opened a specially crafted archive.
- glib2.0 - GLib library of C routines
It was discovered that GLib incorrectly handled certain symlinks when
replacing files. If a user or automated system were tricked into extracting
a specially crafted file with File Roller, a remote attacker could possibly
create files outside of the intended directory.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.