Back to bug 2004957
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Marian Rehak | 2021-09-16 13:48:35 UTC | Depends On | 2004958 | |
| Marian Rehak | 2021-09-16 13:49:22 UTC | Blocks | 2004960 | |
| Cedric Buissart | 2021-09-17 15:51:00 UTC | Priority | high | medium |
| Severity | high | medium | ||
| Cedric Buissart | 2021-09-23 14:19:04 UTC | Depends On | 2007304, 2007302, 2007303 | |
| Cedric Buissart | 2021-09-27 19:29:38 UTC | Doc Text | A directory traversal flaw was found in squashfs-tools. During extraction, a file can escape the destination directory by using a symbolic link, and a regular file with an identical name. This flaw allows a specially crafted squashfs archive to install or overwrite files outside of the destination directory. | |
| Cedric Buissart | 2021-09-27 19:33:14 UTC | Fixed In Version | squashfs-tools 4.5 | |
| Matt | 2021-10-07 15:44:24 UTC | CC | mvanderw | |
| Red Hat Bugzilla | 2023-07-07 08:27:56 UTC | Assignee | security-response-team | nobody |
Back to bug 2004957