Ubuntu Security Notice 4482-1 - Fabian Vogt discovered that Ark incorrectly handled symbolic links in tar archive files. An attacker could use this to construct a malicious tar archive that, when opened, would create files outside the extraction directory.
9029a5b793714659d03b99eb0827fce84ae857f119c368cca2e3fd5aa483184a