Bug#850874: ark: CVE-2017-5330: Unintended execution of scripts and executable files

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#850874: ark: CVE-2017-5330: Unintended execution of scripts and executable files
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 10 Jan 2017 21:01:36 +0100
Message-id: <[🔎] 148407849625.20328.12299035702145164468.reportbug@eldamar.local>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 850874@bugs.debian.org

Source: ark
Version: 4:16.08.3-1
Severity: grave
Tags: upstream patch security fixed-upstream
Justification: user security hole
Forwarded: https://bugs.kde.org/show_bug.cgi?id=374572

Hi,

the following vulnerability was published for ark.

CVE-2017-5330[0]:
unintended execution of scripts and executable files

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-5330
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5330
[1] https://bugs.kde.org/show_bug.cgi?id=374572
[2] https://cgit.kde.org/ark.git/commit/?id=82fdfd24d46966a117fa625b68784735a40f9065

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Reply to:

Follow-Ups:
- Bug#850874: ark: CVE-2017-5330: Unintended execution of scripts and executable files
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Processed: reassigning #850746
Next by Date: Processed: cloning 828364, retitle -1 to ruby2.3: Please migrate to openssl1.1 in buster, unblock 827061 with -1 ...
Previous by thread: Processed: reassigning #850746
Next by thread: Bug#850874: ark: CVE-2017-5330: Unintended execution of scripts and executable files
Index(es):
- Date
- Thread