An update for ark is now available for openEuler-22.03-LTS-SP4 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-1132 Final 1.0 1.0 2025-02-14 Initial 2025-02-14 2025-02-14 openEuler SA Tool V1.0 2025-02-14 ark security update An update for ark is now available for openEuler-22.03-LTS-SP4 Ark is a program for managing various archive formats. Archives can be viewed, extracted, created and modified from within Ark. The program can handle various formats such as tar, gzip, bzip2, zip, rar and lha (if appropriate command-line programs are installed). Security Fix(es): libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive.(CVE-2024-57966) An update for ark is now available for openEuler-22.03-LTS-SP4. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium ark https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1132 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-57966 https://nvd.nist.gov/vuln/detail/CVE-2024-57966 openEuler-22.03-LTS-SP4 ark-22.08.3-2.oe2203sp4.aarch64.rpm ark-debuginfo-22.08.3-2.oe2203sp4.aarch64.rpm ark-debugsource-22.08.3-2.oe2203sp4.aarch64.rpm ark-libs-22.08.3-2.oe2203sp4.aarch64.rpm ark-22.08.3-2.oe2203sp4.src.rpm ark-22.08.3-2.oe2203sp4.x86_64.rpm ark-debuginfo-22.08.3-2.oe2203sp4.x86_64.rpm ark-debugsource-22.08.3-2.oe2203sp4.x86_64.rpm ark-libs-22.08.3-2.oe2203sp4.x86_64.rpm libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive. 2025-02-14 CVE-2024-57966 openEuler-22.03-LTS-SP4 Medium 5.0 AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L ark security update 2025-02-14 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1132