[Bug 1067342] VUL-0: CVE-2017-16667: backintime (aka Back in Time) before 1.1.24 did improper escaping/quoting offile paths used as arguments to the 'notify-send' command, leading to some partsof file paths being executed as shell commands within an os
18 Nov
2017
18 Nov
'17
20:17
http://bugzilla.suse.com/show_bug.cgi?id=1067342 http://bugzilla.suse.com/show_bug.cgi?id=1067342#c1 Tejas Guruswamy <masterpatricko@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |IN_PROGRESS --- Comment #1 from Tejas Guruswamy <masterpatricko@gmail.com> --- Archiving:Backup updated to upstream 1.1.24 (contains fix) and maintenance request #542839 sent for 42.2 and 42.3, v1.1.20 with backported patch from commit https://github.com/bit-team/backintime/commit/cef81d0da93ff601252607df3db1a4... -- You are receiving this mail because: You are on the CC list for the bug.
2608
Age (days ago)
2608
Last active (days ago)
0 comments
1 participants
participants (1)
-
bugzilla_noreply@novell.com