Source: xdg-utils
Severity: grave
Tags: security patch

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for xdg-utils.

CVE-2008-0386[0]:
| Description of problem:
| The generic handler of xdg-open (i.e. when not running in KDE, GNOME or XFCE)
| has the following code:
|
|   browser_with_arg=`echo "$browser" | sed s#%s#"$1"#`
|
|   if [ x"$browser_with_arg" = x"$browser" ]; then "$browser" "$1";
|   else $browser_with_arg;
|   fi
|
| sed interprets any commands in the argument and the result is executed by the
| script.
|
| Version-Release number of selected component (if applicable):
| xdg-utils-1.0.2-2.fc8
|
| How reproducible:
| Always
|
| Steps to Reproduce:
| 1. uninstall perl-File-MimeInfo package (not necessary with xdg-utils-1.0.2-3)
| 2. start plain X session
| 3. xdg-open 'http://foo.org/bar#;g;sx$xtouch:foox'
|
| Actual results:
| File foo created.
|
| Expected results:
| The page opened in a web browser.

The CVE id for this is still on status RESERVED, it will be released in
the next days.

You can find patches for the described issues on:
http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email?r1=1.36&r2=1.37&view=patch
http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email.in?r1=1.24&r2=1.25&view=patch
http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open?r1=1.32&r2=1.33&view=patch
http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open.in?r1=1.17&r2=1.18&view=patch

If you fix this vulnerability please also include the CVE id in your
changelog entry.

For further information:
[0] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-0386

Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
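The safe way to do the substitution the report describes, as an added example that is not the xdg-utils patch linked above: split the browser template into words first and insert the URL with POSIX parameter expansion, so sed never processes the URL and the finished argument is never re-parsed by the shell. The function names build_browser_argv and run_browser are my own.

```shell
#!/bin/sh
# Hardened replacement for the generic-handler substitution in xdg-open
# (added example, not the project's patch). No sed, no re-parsing of the
# expanded command: the URL reaches the browser as one argv element.

# Print the words of the final command, one per line.
build_browser_argv() (
    set -f                       # no globbing while splitting the template
    found=0
    for word in $1; do           # whitespace-split the template only
        case $word in
            *%s*) found=1
                  # prefix + URL + suffix; $2 is inserted literally,
                  # only the first %s in a word is replaced
                  word="${word%%%s*}$2${word#*%s}" ;;
        esac
        printf '%s\n' "$word"
    done
    # No %s in the template: append the URL, as the original script does
    [ "$found" -eq 1 ] || printf '%s\n' "$2"
)

# Execute the browser command; the URL is passed as a single argument
# whatever characters it contains.
run_browser() {
    template=$1 url=$2
    nl=$(printf '\nx'); nl=${nl%x}
    case $url in *"$nl"*)        # a newline would split the argument list
        printf 'refusing URL containing a newline\n' >&2; return 1 ;;
    esac
    set --
    while IFS= read -r w; do set -- "$@" "$w"; done <<EOF
$(build_browser_argv "$template" "$url")
EOF
    "$@"
}
```

With the report's own URL as input, `run_browser 'echo %s' "$url"` prints the URL unchanged and creates no file.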