nautilus 3.22.3-1+deb9u1 source package in Debian
Changelog
nautilus (3.22.3-1+deb9u1) stretch-security; urgency=high
[ Phil Wyett ]
* CVE-2017-14604: desktop_file_trust.patch
+ Spoof a file type by using the .desktop file extension, as demonstrated
by an attack in which a .desktop file's Name field ends in .pdf but
this file's Exec field launches a malicious "sh -c" command.
(Closes: #860268).
- Initial patch by Phil Wyett <email address hidden>
- Translations additions by Donncha O'Cearbhaill <email address hidden>
[ Yves-Alexis Perez ]
* Non-maintainer upload by the Security Team.
-- Yves-Alexis Perez <email address hidden> Sat, 07 Oct 2017 20:59:16 +0200
Upload details
- Uploaded by:
- Debian GNOME Maintainers
- Uploaded to:
- Stretch
- Original maintainer:
- Debian GNOME Maintainers
- Architectures:
- any all
- Section:
- gnome
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Stretch | release | main | gnome |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| nautilus_3.22.3-1+deb9u1.dsc | 2.5 KiB | 47365b9751f4e6031fd46bd3b24a4826c0a6ef188eadb81c61d19c2c71a65085 |
| nautilus_3.22.3.orig.tar.xz | 4.9 MiB | 64c232f743a2bae3fce3c76d5aa65e378d11bb431fefde9013162069abff4e22 |
| nautilus_3.22.3-1+deb9u1.debian.tar.xz | 27.1 KiB | e0e49aab49c5453558c39bb2a89ec61f550ca004525037917b65f8d2263c2c67 |
No changes file available.
