Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ee667bcc by Salvatore Bonaccorso at 2019-08-11T07:05:52Z
CVE-2019-14744/kde4libs fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -379,7 +379,7 @@ CVE-2019-14745 (In radare2 before 3.7.0, a command
injection vulnerability exist
CVE-2019-14744 (In KDE Frameworks KConfig before 5.61.0, malicious desktop
files and c ...)
{DSA-4494-1}
- kconfig 5.54.0-2 (bug #934267)
- - kde4libs <unfixed> (bug #934268)
+ - kde4libs 4:4.14.38-4 (bug #934268)
[buster] - kde4libs <no-dsa> (Minor issue)
[stretch] - kde4libs <no-dsa> (Minor issue)
NOTE:
https://gist.githubusercontent.com/zeropwn/630832df151029cb8f22d5b6b9efaefb/raw/64aa3d30279acb207f787ce9c135eefd5e52643b/kde-kdesktopfile-command-injection.txt
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ee667bcc6528e4a44dca2ac8bb25a2f02b6f157a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/ee667bcc6528e4a44dca2ac8bb25a2f02b6f157a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
