Bug#860268: .desktop files can hide malware in Nautilus
Phil Wyett
philwyett at kathenas.org
Sat Sep 23 00:41:06 UTC 2017
On Sat, 2017-09-23 at 01:37 +0100, Phil Wyett wrote:
> On Sat, 2017-09-23 at 01:36 +0100, Phil Wyett wrote:
> > On Fri, 2017-09-22 at 17:19 -0400, Jeremy Bicha wrote:
> > > I asked on IRC about this so feel free to send the email, Phil or Donncha:
> > >
> > > jbicha | carnil: are you going to sponsor #860268 as a security update?
> > > jmm_ | jbicha: yeah, we can fix that via security.debian.org, please
> > > send a mail to team at security.debian.org, only a few of us are on IRC
> > >
> > >
> > > Thanks,
> > > Jeremy Bicha
> >
> > Hi Security Team,
> >
> > Please accept the attached 'nautilus' debdiff for stretch-security.
> >
> > Info:
> >
> > The debdiff is a backport of the fix from upstream[1] and includes
> > translations
> > for the UI changes.
> >
> > [1]: https://github.com/GNOME/nautilus/commit/1630f53481f445ada0a455e9979236
> > d3
> > 1a
> > 8d3bb0
> >
> > Related debian bug:
> >
> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860268
> >
> > Related upstream bug:
> >
> > https://bugzilla.gnome.org/show_bug.cgi?id=777991
> >
> > Related CVE:
> >
> > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14604
> >
> > Debian security tracker:
> >
> > https://security-tracker.debian.org/tracker/CVE-2017-14604
> >
> > Regards
> >
> > Phil
> >
>
>
Oops... Massive sleep derived error. debdiff has been forwarded to security team
on another email that did not have a massive recipient list and had them on it.
Apologies for the error.
Regards
Phil
--
*** If this is a mailing list, I am subscribed, no need to CC me.***
Playing the game for the games sake.
Web: https://kathenas.org
GitLab: https://gitlab.com/kathenas
Twitter: kathenasorg
Instagram: kathenasorg
GPG: 1B97 6556 913F 73F3 9C9B 25C4 2961 D9B6 2017 A57A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20170923/de25d503/attachment.sig>
More information about the pkg-gnome-maintainers
mailing list