[Desktop-packages] [Bug 1413643] Re: xdg-open command injection vulnerability

Bug Watch Updater Thu, 22 Jan 2015 08:51:14 -0800

** Changed in: xdg-utils (Debian)
       Status: Unknown => Fix Released


-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xdg-utils in Ubuntu.
https://bugs.launchpad.net/bugs/1413643

Title:
  xdg-open command injection vulnerability

Status in Xdg-utils:
  Unknown
Status in xdg-utils package in Ubuntu:
  Invalid
Status in xdg-utils package in Debian:
  Fix Released

Bug description:
  John Houwer discovered a way to cause xdg-open, a tool that
  automatically opens URLs in a user's preferred application, to execute
  arbitrary commands remotely.

  https://www.debian.org/security/2015/dsa-3131

To manage notifications about this bug go to:
https://bugs.launchpad.net/xdg-utils/+bug/1413643/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1413643] Re: xdg-open command injection vulnerability

Reply via email to