This bug was fixed in the package kconfig - 5.60.0-0ubuntu2
--------------- kconfig (5.60.0-0ubuntu2) eoan; urgency=medium
* SECURITY UPDATE: malicious .desktop files (and others) would execute code (LP: #1839432). - debian/patches/CVE-2019-14744.diff: removes the affected feature as currently 'unused'. - CVE-2019-14744
-- Rik Mills <email address hidden> Thu, 08 Aug 2019 09:13:45 +0100
This bug was fixed in the package kconfig - 5.60.0-0ubuntu2
---------------
kconfig (5.60.0-0ubuntu2) eoan; urgency=medium
* SECURITY UPDATE: malicious .desktop files (and others) would execute patches/ CVE-2019- 14744.diff: removes the affected feature as
code (LP: #1839432).
- debian/
currently 'unused'.
- CVE-2019-14744
-- Rik Mills <email address hidden> Thu, 08 Aug 2019 09:13:45 +0100