-
Security Vulnerability
-
Resolution: Fixed
-
Normal
-
None
-
None
x11-misc/xdg-utils-1.1.2-r1 has medium and high severity CVEs:
regarding the high severity one: CVE-2017-18266
debian recommended upgrading the package: https://lists.debian.org/debian-lts-announce/2018/05/msg00014.html
some more details about exploitation: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881767
regarding medium severity CVE-2020-27748
it's not patched yet: https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/177
looks like it affects only email clients
found using https://github.com/mrl5/vulner
example packages that depend on xdg-utils
$ emerge -pv xdg-utils app-office/libreoffice-bin-7.3.0.3 (x11-misc/xdg-utils) www-client/google-chrome-98.0.4758.80 (x11-misc/xdg-utils)
- relates to
-
FL-9404 autogen for x11-misc/xdg-utils
- Closed