[Secure-testing-team] Bug#839865: kde-cli-tools: CVE-2016-7787
Salvatore Bonaccorso
carnil at debian.org
Wed Oct 5 19:48:58 UTC 2016
Source: kde-cli-tools
Version: 4:5.7.4-1
Severity: important
Tags: security upstream patch fixed-upstream
Hi,
the following vulnerability was published for kde-cli-tools.
CVE-2016-7787[0]:
kdesu: Displayed command truncated by unicode string terminator
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-7787
[1] https://www.kde.org/info/security/advisory-20160930-1.txt
Please adjust the affected versions in the BTS as needed. I'm not sure
if kde-runtime is as well affected (it looks source wise, since the
same file can be patched).
Regards,
Salvatore
More information about the Secure-testing-team
mailing list