Hi! Micah Lee: > The upstream nautilus issue [1] has already been resolved, and will be > released in nautilus 3.24. But since this is an important security > issue, I think this patch should be backported so that it's fixed in > older versions of Debian.
Thanks for raising this issue in Debian! Is there any plan upstream to backport this fix to their 3.22.x branch, and/or to request a CVE? Did you personally check whether it's straightforward to backport the fix to 3.22? Cheers, -- intrigeri