** Description changed: - . + The tracker developers have recently confined their extractor to attempt to make tracker more resilient to attacks, especially involving flaws in gstreamer parsers. + + There is no CVE number assigned to this issue. + + https://lwn.net/Articles/708196/ + https://scarybeastsecurity.blogspot.com/2016/11/0day-poc-risky-design-decisions-in.html + + The gstreamer security fixes are being handled separately. See bug + 1619600
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1648921 Title: Sandbox the tracker extractor To manage notifications about this bug go to: https://bugs.launchpad.net/tracker/+bug/1648921/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
