Hi Gabriel,
On Sat, Feb 18, 2023 at 12:04:27PM +0100, Gabriel Corona wrote:
> Hi!
>
> > A while has passed, and have now proposed the same change for bullseye
> > as well, cf. #1031527.
>
> Great!
>
> > There is no CVE assigned, if you feel strong about it, can you try to
> > get one allocated
On Sat, Feb 18, 2023 at 12:04:27PM +0100, Gabriel Corona wrote:
> I believe obtaining a CVE ID would be beneficial so that this issue may be
> tracked by downstream projects/distributions.
All those distros were notified via your post to oss-security. You can
try cveform, if there's no assignment
Hi!
> A while has passed, and have now proposed the same change for bullseye
> as well, cf. #1031527.
Great!
There is no CVE assigned, if you feel strong about it, can you try to
get one allocated by MITRE via the cveform? I think we won't go trough
the needed workflow to assign a Debian
Hi Gabriel,
On Thu, Feb 16, 2023 at 11:37:57PM +0100, Gabriel Corona wrote:
> Hi,
>
> Thanks for the patch!
Thanks for staying on top of the issue!
>
> This has been fixed in Debian testing and sid. However, stable is still
> affected. I believe it would make sense to port the patch to stable
Hi,
Thanks for the patch!
This has been fixed in Debian testing and sid. However, stable is still
affected. I believe it would make sense to port the patch to stable and
allocate a CVE for this.
Regards,
Gabriel
As a workaround, you should be able to disable this feature (and have
the fix persist after a package update) with something like:
mkdir -p /usr/local/share/applications
cp /usr/share/applications/mono-runtime-*.desktop
/usr/local/share/applications
sed -i 's/^Exec=.*/Exec=false/'
Hi,
Any help needed for this?
Regards,
Gabriel
Hi Monio Maintainers,
On Tue, May 04, 2021 at 10:30:57PM +0200, Gabriel Corona wrote:
> Hi,
>
> Any update on this? This is actually very dangerous.
>
> $ xdg-open hello.exe
> Hello World!
> $ cp hello.exe hello.ΡDF # <- actually not a P but a uppercase rho
> $ xdg-open hello.PDF
> Hello World!
Hi,
Any update on this? This is actually very dangerous.
$ xdg-open hello.exe
Hello World!
$ cp hello.exe hello.ΡDF # <- actually not a P but a uppercase rho
$ xdg-open hello.PDF
Hello World!
Gabriel
Package: mono-runtime-common
Version: 6.8.0.105+dfsg-3
Severity: important
File: /usr/share/applications/mono-runtime-common.desktop
Tags: security
X-Debbugs-Cc: Debian Security Team
/usr/share/applications/mono-runtime-common.desktop and
/usr/share/applications/mono-runtime-terminal.desktop are
10 matches
Mail list logo