Unsubscribe Sent from my mobile. Please excuse the brevity, spelling, and punctuation.
> On Aug 6, 2016, at 4:00 PM, Javier Burón <[email protected]> wrote: > > unsubscribe > >> On 6 August 2016 at 20:53, Salvatore Bonaccorso <[email protected]> wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA512 >> >> - ------------------------------------------------------------------------- >> Debian Security Advisory DSA-3643-1 [email protected] >> https://www.debian.org/security/ Salvatore Bonaccorso >> August 06, 2016 https://www.debian.org/security/faq >> - ------------------------------------------------------------------------- >> >> Package : kde4libs >> CVE ID : CVE-2016-6232 >> Debian Bug : 832620 >> >> Andreas Cord-Landwehr discovered that kde4libs, the core libraries >> for all KDE 4 applications, do not properly handle the extraction >> of archives with "../" in the file paths. A remote attacker can >> take advantage of this flaw to overwrite files outside of the >> extraction folder, if a user is tricked into extracting a specially >> crafted archive. >> >> For the stable distribution (jessie), this problem has been fixed in >> version 4:4.14.2-5+deb8u1. >> >> For the unstable distribution (sid), this problem has been fixed in >> version 4:4.14.22-2. >> >> We recommend that you upgrade your kde4libs packages. >> >> Further information about Debian Security Advisories, how to apply >> these updates to your system and frequently asked questions can be >> found at: https://www.debian.org/security/ >> >> Mailing list: [email protected] >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1 >> >> iQIcBAEBCgAGBQJXpj9CAAoJEAVMuPMTQ89EC84P+QFWqC/IxvzTF3WfbPx1nbiO >> FhRKcFaf6vILCm7odq1UWBdFTbOrK4FNmMrfQz2Ud668v8TR9RcZcaMlzbD80wjB >> c4hJUNsVho4ZnPHE2qwjsWaD7wre7oXO1XQZkwGj195fA5SBHd4hIXdtj/JnoBCO >> jckH3RBP6T4pw1++/srTtiaOWGwCCtQ+I5RNJirZas3CytLXrBXzWdukq8h+rAPD >> e+s/e6zwKcFYHVitgvglNJLSINr1bcZskAe4peaHGidJJ27e8D7UbK0wHTeDs/XD >> ivvRhr7C149D6jUWyV8I6XNAUK5a304+fqTDMYkg7MJotryMFrNx7dv6Wxki78CC >> WWsp0yS9WJ6vff2qL9qvsq6ZLObRX2JKQAOSnxQoS30c2qw+HoKe3cvzObvzD3ZS >> fSnnk+VD2NJqX8rpHpjIWywWIT4MkRrK4zokRtjluAxACNFnyX3GL6o+HI/O2gfB >> 7V1RXcmlcflG5yxURUNLF2GxugnxRa9LFJt8ASVBiOEipYwvrmNZdr7i+bN9yG9p >> 5QGcZobQMLFz19vr6alGqeRf/Mb1iU9Eq3utkIX3zjMyghVF6MvW9GN2kd3fJe/l >> l4H+gaWGJ4Awovl04vEbL+YnDlPJO2AVsXUo04DoTLzjUHdUYcvtpyyoQP9OoSOI >> xWO05cm3IAHRmszWz7vH >> =Ift4 >> -----END PGP SIGNATURE----- > > > > -- > Javier Burón > CEO > > t: +44 (0)7453558155 > e: [email protected] > > SocialBro is now Audiense - read more >
