** Changed in: qutebrowser (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1781295
Title:
CVE-2018-10895: Possible remote code execution via CSRF in
This bug was fixed in the package qutebrowser - 1.1.1-1ubuntu0.1
---
qutebrowser (1.1.1-1ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: Remote code execution due to CSRF on the qute://settings
page (LP: #1781295):
- fix-CVE-2018-10895.patch
-
** Also affects: qutebrowser (Ubuntu Bionic)
Importance: Undecided
Status: New
** Changed in: qutebrowser (Ubuntu Bionic)
Status: New => In Progress
** Changed in: qutebrowser (Ubuntu)
Importance: Undecided => Medium
** Changed in: qutebrowser (Ubuntu Bionic)
Importance:
** Tags added: community-security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1781295
Title:
CVE-2018-10895: Possible remote code execution via CSRF in
qute://settings
To manage notifications
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: qutebrowser (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1781295
Title:
Ok, since half an hour, Cosmic is fixed, probably due to the automatic
sync from Debian Unstable.
** Tags removed: cosmic
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1781295
Title:
Meh, can't link this bug report to a CVE report as Launchpad claims that
"CVE-2018-10895 is not a valid CVE number". But it obviously is.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-10895
--
You received this bug notification because you are a member of Ubuntu
Bugs, which