Jakub Wilk reports:

Package: archmage
Version: 1:0.2.4-3
Tags: security

archmage is vulnerable to directory traversal via "../" sequences. As a proof of concept, unpacking the attached CHM file creates a file in /tmp:

$ ls /tmp/mooo
/bin/ls: cannot access /tmp/mooo: No such file or directory

$ archmage -x traversal.chm

$ ls /tmp/mooo
/tmp/mooo

Created archmage tracking bugs for this issue:

Affects: fedora-all [bug 1185732]

CVE assignment: http://www.openwall.com/lists/oss-security/2015/02/12/16
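
Added example (not part of the report and not archmage's own code): a containment check that an extractor can apply to every untrusted archive entry name before writing, so that "../" sequences cannot leave the output directory. The names safe_target, extract, UnsafeEntryName and SAMPLE_ENTRIES are hypothetical, and the (name, bytes) entry format is an assumption.

```python
import os

class UnsafeEntryName(ValueError):
    """An archive entry name that resolves outside the output directory."""

# Constructed sample input: (entry name, content) pairs as an extractor
# might read them from an archive. Two names try to climb out with "../".
SAMPLE_ENTRIES = [
    ("/index.html", b"<html>ok</html>"),
    ("/../mooo", b"escaped"),
    ("/docs/../../mooo", b"escaped"),
    ("/docs/a.html", b"<html>a</html>"),
]

def safe_target(output_dir, entry_name):
    """Return the absolute path for entry_name, or raise if it leaves output_dir."""
    # Normalise separators and drop leading ones, so an absolute entry name
    # cannot make os.path.join discard output_dir.
    relative = entry_name.replace("\\", "/").lstrip("/")
    if not relative or "\x00" in relative:
        raise UnsafeEntryName(repr(entry_name))
    root = os.path.realpath(output_dir)
    # realpath collapses ".." components and resolves symlinks already on disk.
    target = os.path.realpath(os.path.join(root, relative))
    # The resolved path must sit strictly below the resolved output directory.
    if target == root or os.path.commonpath([root, target]) != root:
        raise UnsafeEntryName(repr(entry_name))
    return target

def extract(entries, output_dir):
    """Write safe entries under output_dir and return the rejected names."""
    rejected = []
    for name, data in entries:
        try:
            target = safe_target(output_dir, name)
        except UnsafeEntryName:
            rejected.append(name)  # skip the entry and report it to the caller
            continue
        os.makedirs(os.path.dirname(target), exist_ok=True)
        with open(target, "wb") as fh:
            fh.write(data)
    return rejected
```

The check compares resolved paths rather than searching the name for "..", so it also covers names that only escape after normalisation.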