Debian Linux Security Advisory 4083-1 - Stephan Zeisberg discovered that poco, a collection of open source C++ class libraries, did not correctly validate file paths in ZIP archives. An attacker could leverage this flaw to create or overwrite arbitrary files.
17161b54707cb0c6dff7a79893bbc4d50aa757d637c78da205274c22de089bf3