[SECURITY] [DSA 5927-1] yelp security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5927-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
May 28, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : yelp
CVE ID : CVE-2025-3155
It was discovered that Yelp, the help browser for the GNOME desktop,
allowed help files to execute arbitrary scripts. Opening a malformed
help file could have resulted in data exfiltration.
For the stable distribution (bookworm), this problem has been fixed in
version 42.2-1+deb12u1 of yelp and version 42.1-2+deb12u1 of yelp-xsl.
We recommend that you upgrade your yelp packages.
For the detailed security status of yelp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/yelp
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmg3UEMACgkQEMKTtsN8
TjaEKw//SpvFBvI57zp8OmUKqBDIReXZe3exDzw69wQzp+byTOp50d91X3NWSDyf
C8/OelDY0CV++SQE1to12qvgZq3sIDnyJ2++H1X4FSJtlZRCIz2fxDgTT0xF5asv
WtveyohgkSNYm2StTVKJ6iIueiqgVoIwwoKIHKMpWZGwNauOjiEfxdIYsnqI7rDt
IfGnEvIK0c6k6sV7tLn501jS+mnzLDTU026VSHZLc/BV+FyC852ZtHkmwgv9M8T0
d2FAcaObIcZS3uYZvkA4vuZQikA7GpTuteevZkAjZUbvkcQtN0Nhez4+CYND3kKb
3oAMDQUdZ94+rODs+fWAbT7oEZAzB4YrlJJRsoKp137569HbPfjPqISlAZO7tPF7
EST7dtrW+/Bs6FsBfIumYE9NQ5wCIhPNHGokwnd6ngwvdDIlvhoZ43v9cPc4cL71
i3jM0wkuUpciO5rgBW9KpgLH9NIkZDu/uMvMfAmL7bHZ6L5lpNsaJNag688A0Cf2
YCZO5nkMTJHPnojls3NAljoLiW8Gcu6uKP8yAd3t2TpthTQfjcdhQrRIEMlU3xUs
fkECq0BwC1oTA/ORpYppjKa1uBH1Da0sE/EWoBFqlPplfmSyymUviBJn7yo4ueoi
RG2hGcpn6pN28hGcEkgxlolTtc5DFTNupKkClrTMf1IduEsBZZQ=
=tHAo
-----END PGP SIGNATURE-----
Reply to: