oss-sec mailing list archives
Links < 2.1 security issue
From: Pierre-Yves Rofes <py () gentoo org>
Date: Sun, 27 Jul 2008 23:19:29 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Our links maintainer catched this: http://links.twibright.com/download/ChangeLog http://bugs.gentoo.org/show_bug.cgi?id=231737 Quoting changelog: "Security bug fixed: when "only proxies" is selected, don't pass URLs to external programs" Anyone investigated this, or even has a clue on the potential impact? Not sure if a CVE can be assigned, since this is very (too?) vague... - -- Pierre-Yves Rofes Gentoo Linux Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkiM5mEACgkQuhJ+ozIKI5jqogCfdnQPTfA0RFWaSaF7kOD59w2h 8lAAmwSK0w0nKpzrJUuKCejrvkgm7oP6 =trsQ -----END PGP SIGNATURE-----
Current thread:
- Links < 2.1 security issue Pierre-Yves Rofes (Jul 27)
- Re: Links < 2.1 security issue Steven M. Christey (Jul 27)
- Re: Links < 2.1 security issue Nico Golde (Jul 28)
- Re: Links < 2.1 security issue Steven M. Christey (Jul 27)