evince (3.10.3-0ubuntu10.4) trusty-security; urgency=medium
* SECURITY UPDATE: command injection in dvi backend
- debian/patches/CVE-2017-1000159.patch: properly quote filename in
backend/dvi/dvi-document.c.
- CVE-2017-1000159
Date: 2017-11-30 20:25:20.136297+00:00
Changed-By: Marc Deslauriers <[email protected]>
Signed-By: Ubuntu Archive Robot
<[email protected]>
https://launchpad.net/ubuntu/+source/evince/3.10.3-0ubuntu10.4
Sorry, changesfile not available.
--
Trusty-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/trusty-changes
