Bug#860268: .desktop files can hide malware in Nautilus
Phil Wyett
philwyett at kathenas.org
Sat Sep 23 00:36:38 UTC 2017
On Fri, 2017-09-22 at 17:19 -0400, Jeremy Bicha wrote:
> I asked on IRC about this so feel free to send the email, Phil or Donncha:
>
> jbicha | carnil: are you going to sponsor #860268 as a security update?
> jmm_ | jbicha: yeah, we can fix that via security.debian.org, please
> send a mail to team at security.debian.org, only a few of us are on IRC
>
>
> Thanks,
> Jeremy Bicha
Hi Security Team,
Please accept the attached 'nautilus' debdiff for stretch-security.
Info:
The debdiff is a backport of the fix from upstream[1] and includes translations
for the UI changes.
[1]: https://github.com/GNOME/nautilus/commit/1630f53481f445ada0a455e9979236d31a
8d3bb0
Related debian bug:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860268
Related upstream bug:
https://bugzilla.gnome.org/show_bug.cgi?id=777991
Related CVE:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14604
Debian security tracker:
https://security-tracker.debian.org/tracker/CVE-2017-14604
Regards
Phil
--
*** If this is a mailing list, I am subscribed, no need to CC me.***
Playing the game for the games sake.
Web: https://kathenas.org
GitLab: https://gitlab.com/kathenas
Twitter: kathenasorg
Instagram: kathenasorg
GPG: 1B97 6556 913F 73F3 9C9B 25C4 2961 D9B6 2017 A57A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nautilus_3.22.3-1_to_nautilus_3.22.3-1+deb9u1.debdiff
Type: text/x-patch
Size: 33070 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20170923/fe4f1ed8/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20170923/fe4f1ed8/attachment-0001.sig>
More information about the pkg-gnome-maintainers
mailing list