A vulnerability was found in ark. The "Open" functionality of ark can inadvertently run shell scripts or other executable entries in the archive.
Created ark tracking bugs for this issue:
Affects: fedora-all [bug 1411822]
it's already fixed in fedora git branch
Unable to reproduce on ark-4 in Red Hat Enterprise Linux 7: the script is opened in an internal viewer rather than executed.
According to a comment on the Debian tracker, the affected functionality was introduced post ark-15.11.80.