Plexus Archiver 4.6.3
·
106 commits
to refs/heads/master
since this release
π New features and improvements
- Fix path traversal vulnerability (#261) @plamentotev Thanks to @Fewword for reporting the vulnerability and suggesting a fix. The vulnerability affects only directories whose name begins with the same prefix as the destination directory. For example malicious archive may extract file in
/opt/directoryinstead of/opt/dir.
π¦ Dependency updates
- Bump plexus-utils from 3.5.0 to 3.5.1 (#257) @dependabot
Contributors
plamentotev, dependabot, and Fewword