Hi,
On Wed, Sep 27, 2023 at 01:19:31PM +0300, Jani Nikula wrote:
> Package: unadf
> Version: 0.7.11a-5
> Severity: grave
> Tags: security
> Justification: user security hole
> X-Debbugs-Cc: Debian Security Team
>
> Dear Maintainer,
>
> See upstream ADFLib commit 8e973d7b8945 ("Fix unsafe
Package: unadf
Version: 0.7.11a-5
Severity: grave
Tags: security
Justification: user security hole
X-Debbugs-Cc: Debian Security Team
Dear Maintainer,
See upstream ADFLib commit 8e973d7b8945 ("Fix unsafe extraction by using
mkdir() instead of shell command") [1].
'unadf' passes the directory
2 matches
Mail list logo