Public bug reported: Binary package hint: yarssr
References: DSA-1477-1 (http://www.debian.org/security/2008/dsa-1477) Quoting: "Duncan Gilmore discovered that yarssr, an RSS aggregator and reader, performs insufficient input sanitising, which could result in the execution of arbitrary shell commands if a malformed feed is read." ** Affects: yarssr (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-5837 -- [yarssr] [CVE-2007-5837] missing input sanitising could result in execution of arbitrary shell commands https://bugs.launchpad.net/bugs/186572 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs