Download
| Alert*
DSA-3915-1 ruby-mixlib-archive -- ruby-mixlib-archive
It was discovered that ruby-mixlib-archive, a Chef Software"s library used to handle various archive formats, was vulnerable to a directory traversal attack. This allowed attackers to overwrite arbitrary files by using a malicious tar archive containing .. in its entries.
|