[Bug 1205210] New: update tumbler to 4.16.1 for security issue
http://bugzilla.opensuse.org/show_bug.cgi?id=1205210 Bug ID: 1205210 Summary: update tumbler to 4.16.1 for security issue Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.3 Hardware: Other OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Xfce Assignee: bnc-team-xfce@forge.provo.novell.com Reporter: poczta-sn@gazeta.pl QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:106.0) Gecko/20100101 Firefox/106.0 Build Identifier: corrects: https://gitlab.xfce.org/xfce/tumbler/-/issues/65 [Vulnerability] SSRF when directory with malicious mp4 file is opened Reproducible: Always -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1205210 http://bugzilla.opensuse.org/show_bug.cgi?id=1205210#c1 Maurizio Galli <maurizio.galli@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CONFIRMED CC| |maurizio.galli@suse.com --- Comment #1 from Maurizio Galli <maurizio.galli@suse.com> --- Thanks I will push the update to Leap 15.3 and 15.4 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1205210 http://bugzilla.opensuse.org/show_bug.cgi?id=1205210#c2 --- Comment #2 from OBSbugzilla Bot <bwiedemann+obsbugzillabot@suse.com> --- This is an autogenerated message for OBS integration: This bug (1205210) was mentioned in https://build.opensuse.org/request/show/1034685 Backports:SLE-15-SP4 / tumbler https://build.opensuse.org/request/show/1034686 Backports:SLE-15-SP3 / tumbler -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1205210 Andreas Stieger <Andreas.Stieger@gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|CONFIRMED |IN_PROGRESS CC| |Andreas.Stieger@gmx.de Component|Xfce |Security Version|Leap 15.3 |Leap 15.4 Assignee|bnc-team-xfce@forge.provo.n |security-team@suse.de |ovell.com | Summary|update tumbler to 4.16.1 |VUL-0: tumbler: SSRF when |for security issue |directory with malicious | |mp4 file is opened -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1205210 http://bugzilla.opensuse.org/show_bug.cgi?id=1205210#c3 --- Comment #3 from S��awomir Nizio <poczta-sn@gazeta.pl> --- (In reply to Maurizio Galli from comment #1)
Thanks I will push the update to Leap 15.3 and 15.4
Thanks. -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com