group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #11321
[Bug 1668552] Re: KDE Project Security Advisory: ktnef: Directory Traversal
** Also affects: ktnef (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: ktnef (Ubuntu Yakkety)
Importance: Undecided
Status: New
** Also affects: kdepim (Ubuntu)
Importance: Undecided
Status: New
** Changed in: kdepim (Ubuntu)
Status: New => Invalid
** No longer affects: kdepim (Ubuntu Xenial)
** No longer affects: kdepim (Ubuntu Yakkety)
** Also affects: kdepim (Ubuntu Trusty)
Importance: Undecided
Status: New
** Also affects: ktnef (Ubuntu Trusty)
Importance: Undecided
Status: New
** No longer affects: ktnef (Ubuntu Trusty)
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1668552
Title:
KDE Project Security Advisory: ktnef: Directory Traversal
Status in kdepim package in Ubuntu:
Invalid
Status in ktnef package in Ubuntu:
Triaged
Status in kdepim source package in Trusty:
New
Status in ktnef source package in Xenial:
New
Status in ktnef source package in Yakkety:
New
Bug description:
KDE Project Security Advisory
=============================
Title: ktnef: Directory Traversal
Risk Rating: Medium
CVE: TBC
Versions: ktnef <= 5.4.2 (KDE Applications 16.12.2)
Date: 27 February 2017
Overview
========
A directory traversal issue was found in ktnef which can
be exploited by tricking a user into opening a malicious winmail.dat file.
The issue allows to write files with the permission of the user opening
the winmail.dat file during extraction.
Solution
========
Update to ktnef >= 5.4.3 (KDE Applications 16.12.3) (when released)
Or apply the following patch:
https://commits.kde.org/ktnef/4ff38aa15487d69021aacad4b078500f77fb4ae8
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/kdepim/+bug/1668552/+subscriptions
