Ubuntu Security Notification for File-roller Vulnerability (USN-3074-1)

It was discovered that File Roller incorrectly handled symlinks.

If a user were tricked into extracting a specially-crafted archive, an attacker could delete files outside of the extraction directory.

Refer to Ubuntu advisory USN-3074-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3074-1: 16.04 (Xenial) on src (file-roller)

USN-3074-1: 14.04 (Kylin) on src (file-roller)