|
|
Subscribe / Log in / New account

Mageia alert MGASA-2018-0389 (okular)

From:  Mageia Updates <buildsystem-daemon@mageia.org>
To:  updates-announce@ml.mageia.org
Subject:  [updates-announce] MGASA-2018-0389: Updated okular packages fix security vulnerability
Date:  Fri, 21 Sep 2018 18:27:24 +0200
Message-ID:  <20180921162724.23828A002A@duvel.mageia.org>

MGASA-2018-0389 - Updated okular packages fix security vulnerability Publication date: 21 Sep 2018 URL: https://advisories.mageia.org/MGASA-2018-0389.html Type: security Affected Mageia releases: 6 CVE: CVE-2018-1000801 Description: okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a specially crafted Okular archive (CVE-2018-1000801). References: - https://bugs.mageia.org/show_bug.cgi?id=23562 - https://lists.fedoraproject.org/archives/list/package-ann... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1... SRPMS: - 6/core/okular-17.12.2-1.1.mga6


to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds