Re: Security vulnerability in .desktop files

To: debian-qt-kde@lists.debian.org
Cc: "Oleg K." <seqira@gmail.com>
Subject: Re: Security vulnerability in .desktop files
From: Scott Kitterman <debian@kitterman.com>
Date: Fri, 09 Aug 2019 18:16:17 -0400
Message-id: <[🔎] 11439279.Ot9OhHZ2AZ@l5580>
In-reply-to: <[🔎] CAC0zMgrWGYvi-+QRf8bwRYJCdQ4Tny3t684uy6U44pE0xbs7bQ@mail.gmail.com>
References: <[🔎] CAC0zMgrWGYvi-+QRf8bwRYJCdQ4Tny3t684uy6U44pE0xbs7bQ@mail.gmail.com>

On Thursday, August 8, 2019 5:19:51 AM EDT Oleg K. wrote:
> Hello, All.
> 
> I'm just a linux user  and do not know in details the support process in
> Debian and KDE teams.
> What can you say about .desktop arbitrary code execution when user opens a
> folder with "bad" file, which is found here -
> https://twitter.com/zer0pwn/status/1158433002239746048 ?
> What ticket should I follow and wait for being fixed ?
> 
> With Best Regards,
> Oleg K.

Updated packages have been released now, so it should be simply a matter of 
applying available updates.

Scott K

Reply to:

References:
- Security vulnerability in .desktop files
  - From: "Oleg K." <seqira@gmail.com>

Prev by Date: Processed: Raising severity
Next by Date: Processing of kde4libs_4.14.38-4_source.changes
Previous by thread: Security vulnerability in .desktop files
Next by thread: kdevelop_5.4.0-1_amd64.changes ACCEPTED into experimental, experimental
Index(es):
- Date
- Thread