Forum: >>> Magnum BBS <<<

[SECURITY] [DSA 3131-1] xdg-utils security update

From Michael Gilbert@1:229/2 to All on Mon Jan 19 05:30:02 2015

From: [email protected]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------- Debian Security Advisory DSA-3131-1 [email protected] http://www.debian.org/security/ Michael Gilbert January 18, 2015 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : xdg-utils
CVE ID : CVE-2014-9622
Debian Bug : 773085

John Houwer discovered a way to cause xdg-open, a tool that automatically
opens URLs in a user's preferred application, to execute arbitrary
commands remotely.

For the stable distribution (wheezy), this problem has been fixed in
version 1.1.0~rc1+git20111210-6+deb7u2.

For the upcoming stable (jessie) and unstable (sid) distributions,
this problem has been fixed in version 1.1.0~rc1+git20111210-7.3.

We recommend that you upgrade your xdg-utils packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQQcBAEBCgAGBQJUvIOpAAoJELjWss0C1vRzyfIgAL+XQ0ld3B3JXgdPJQQpfdaY 00JPoJhdpOEBxofEiAgkNd7EV2COkmRPO0ekvhxEKavxd9oxUWmNyK9bZ+LaVcDg OQtAE57gSTF3qFbgOsuPkU0q6eMVPzH+kSxuXBV5962LNKTvdNnnWlri70aB5JLW rMXdcGkOlh0ozDe5CNz3wZRZGUmbDyRbd29F+BtfAqH7fBtrCBUifwr00A24E6aS +DIgCSMg5GUuAU3SfTh1xSE3+rfU2uxnTYC1ZdrnJrlBiMIqfitNaE2QOVw8RrAm PA62BWnbkHJmTHmG0NfAlU5mv3QcaXG9QEny0Plh6QsL1myjkUngH+g/EfdGg845 LNU84A8U19YGfXdWD+dCol11c5mfAPk5NQdtapo9LuP3Hx05MDYVxXCfupbsEV1i AMHplt7jhnjAsZhgb0RGzgIbi8OEk8rEL+hCiwzzHnmL1RjtHiByhOMFf7ZpbTNA tF7/cDNchhVaxJ+iKId9JBB0X2FIRrJVfZST6LT3hoCV0nUwjeiTMQTz1Lshs/8Q EoUfLpJJDemdnk2otXNPGDD4kzJMdpsZx+u77Pm7ZD45LaWuVoROUrk2j4MRwHzK sI2B+8FA5GKiG1XWRmvTaqm9NZl/N8C2IVmvw1yPDVdSQ0cn90NeJdjcqFt9VV1e RljXNebLmbE0eLXvhB2ZHPmEy/uedzr2isrLzvejU2NyJKE4qwmc4Xv1o9cxT85J lh4KOPkOEIgTAsKvywG1bilv5cNLhliEN7CzcFO2AIDIYLz4Txy8WiOHHEIYxTWt DlhdcXACQ/jpzt8dZh+yMUU33FjsO7fLSb7eaGe0FIx8juZG5gIr0OTg/6eZi+Eb ruaOCGsKHV0uKBIvID22nDjJnvKsp0fDzKDTz9522ypNQI7k3Krv7I7nM46Y9oN8 n1gVKH0DflS/eZnMDgixUoBHg35pFPSz6FpSAcZRPFxCBU45+K2u0ZZ7Yq1BwEWc c8c12hVnydyIdNmdqVNIXfcdal+fAZd3ZD9fS53UMQac+RnU5LnLHVaZuyMkITyw IjJWolZj5JfENaEOEPOkspzm48cu/vp+u4yBnMMy7KyuXGI8y5rQGQIF1/7QJ/SJ kWVE+qFiI2OPCMQlcyvEZqcaiBqXVrA8kAtH4P0fzz09M806+kb3dqzmxiEUweR7 YaRWSBLir9t6LXRAgAEw1v6oKxwMUWc5ES63QvHultdc4rhB2tFwwuvg0aYXVi3+ HEm7O44WhX5qQgqOUY0N2AJB30i7VNelwLK2Xt3wm/ychcHhkv+otLp17WvBVjA+ 6LnJAClnPFm1CLJbpVMi9iebHkw9kJDsN2CZqVs6clSGVYYzIMfogg8969Qona8=
=TI29
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)

Who's Online
Recent Visitors
- Bob Worm
  Tue Jun 9 14:47:58 2026
  from Wales, Uk via Telnet
- Krenn
  Tue Jun 9 11:18:15 2026
  from Sydney, Nsw via Telnet
- Bob Worm
  Tue Jun 9 10:31:07 2026
  from Wales, Uk via Telnet
- Centurion
  Mon Jun 8 23:30:43 2026
  from Berea, Ohio via Telnet
- Centurion
  Mon Jun 8 21:33:11 2026
  from Berea, Ohio via Telnet
- Bob Worm
  Mon Jun 8 20:15:00 2026
  from Wales, Uk via Telnet
- Bob Worm
  Mon Jun 8 16:33:22 2026
  from Wales, Uk via Telnet
- Bob Worm
  Mon Jun 8 14:11:46 2026
  from Wales, Uk via Telnet

System Info

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	715
Nodes:	16 (2 / 14)
Uptime:	47:34:58
Calls:	12,112
Calls today:	3
Files:	15,010
Messages:	6,518,500

[SECURITY] [DSA 3131-1] xdg-utils security update

Who's Online

Recent Visitors

System Info