Funtoo Linux / FL-9387

xdg-utils - medium and high severity CVEs

      x11-misc/xdg-utils-1.1.2-r1 has medium and high severity CVEs:

      Regarding the high severity one, CVE-2017-18266:
      Debian recommended upgrading the package: https://lists.debian.org/debian-lts-announce/2018/05/msg00014.html
      Some more details about exploitation: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881767

      Regarding the medium severity one, CVE-2020-27748:
      It's not patched yet: https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/177
      It looks like it affects only email clients.

      Found using https://github.com/mrl5/vulner

      Example packages that depend on xdg-utils:

      $ emerge -pv xdg-utils
      
      app-office/libreoffice-bin-7.3.0.3 (x11-misc/xdg-utils)
      www-client/google-chrome-98.0.4758.80 (x11-misc/xdg-utils)
      

            mrl5 mrl5