[Secure-testing-team] Bug#850874: ark: CVE-2017-5330: Unintended execution of scripts and executable files
Salvatore Bonaccorso
carnil at debian.org
Tue Jan 10 20:01:36 UTC 2017
Source: ark
Version: 4:16.08.3-1
Severity: grave
Tags: upstream patch security fixed-upstream
Justification: user security hole
Forwarded: https://bugs.kde.org/show_bug.cgi?id=374572
Hi,
the following vulnerability was published for ark.
CVE-2017-5330[0]:
unintended execution of scripts and executable files
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-5330
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5330
[1] https://bugs.kde.org/show_bug.cgi?id=374572
[2] https://cgit.kde.org/ark.git/commit/?id=82fdfd24d46966a117fa625b68784735a40f9065
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the Secure-testing-team
mailing list