[Pkg-kde-extras] Bug#862505: smb4k: CVE-2017-8849
Salvatore Bonaccorso
carnil at debian.org
Thu Jun 15 03:40:16 UTC 2017
Control: found -1 1.1.2-1
Upstream (Albert Astals Cid) confirmed that the version in Jessie is
affected.
----cut---------cut---------cut---------cut---------cut---------cut-----
proc.setProgram( args["command"].toStringList() );
// Run the mount process.
proc.start();
----cut---------cut---------cut---------cut---------cut---------cut-----
The helper is then running whatever thing ones gives it through dbus.
Upstream suggestion whas to upgrade to a newer version, as backporting
is quite intrusive. if that's feasable on our end it's not clear.
Regards,
Salvatore
More information about the pkg-kde-extras
mailing list