thunar: fix CVE-2021-32563 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Stefan Ghinea <stefan.ghinea@windriver.com>	2021-05-25 21:24:58 +0300
committer	Khem Raj <raj.khem@gmail.com>	2021-05-28 06:55:33 -0700
commit	baa9453d57aa06554c823b5c7bd9c029e1858f89 (patch)
tree	1d9ac1e9f9a76a7fce120921fa3d3e27337010c8 /meta-python/recipes-devtools/python/python-flask-bootstrap.inc
parent	6c2a802f4265ebb83daa729eaf9d6b724a554b4b (diff)
download	meta-openembedded-baa9453d57aa06554c823b5c7bd9c029e1858f89.tar.gz

thunar: fix CVE-2021-32563

An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a regular file as a command-line argument, it delegates to a different program (based on the file type) without user confirmation. This could be used to achieve code execution. References: https://nvd.nist.gov/vuln/detail/CVE-2021-32563 Upstream patches: https://gitlab.xfce.org/xfce/thunar/-/commit/9165a61f95e43cc0b5abf9b98eee2818a0191e0b https://gitlab.xfce.org/xfce/thunar/-/commit/3b54d9d7dbd7fd16235e2141c43a7f18718f5664 Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python-flask-bootstrap.inc')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: