[ubuntu/bionic-security] xdg-utils 1.1.2-1ubuntu2.4 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Thu Nov 26 14:07:22 UTC 2020
xdg-utils (1.1.2-1ubuntu2.4) bionic-security; urgency=medium
* SECURITY UPDATE: local file inclusion vulnerability
- debian/patches/CVE-2020-27748.patch: remove attachment handling from
mailto in scripts/xdg-email.in.
- CVE-2020-27748
xdg-utils (1.1.2-1ubuntu2.3) bionic; urgency=medium
* Use perl's decode() to ensure we don't pass invalid UTF-8 to D-Bus, as
doing so triggers an assertion from libdbus which makes us crash. LP:
#1743216 (Debian #910070, Upstream #108121)
Date: 2020-11-25 13:09:22.432364+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/xdg-utils/1.1.2-1ubuntu2.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list