Bug#868500: atril: CVE-2017-1000083
Santiago Ruano Rincón
santiagorr at riseup.net
Tue Jul 18 13:21:10 UTC 2017
Control: tags -1 + patch
On Sun, 16 Jul 2017 08:19:43 +0200 Salvatore Bonaccorso <carnil at debian.org> wrote:
...
> the following vulnerability was published for atril.
>
> CVE-2017-1000083[0]:
> Evince command injection vulnerability in CBT handler
...
Please, find attached the patch backported from evince's fix.
Cheers,
-- Santiago
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 1-CVE-2017-1000083-comics-Remove-support-for-tar-and-tar-like-command.patch
Type: text/x-diff
Size: 5007 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-mate-team/attachments/20170718/62db6194/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-mate-team/attachments/20170718/62db6194/attachment.sig>
More information about the pkg-mate-team
mailing list