Ubuntu
newsbeuter package

  1. Bug #275019
  2. Comment #4

Comment 4 for bug 275019

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

newsbeuter (0.7-1ubuntu0.1) hardy-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via crafted item URLS.
    - src/view.cpp: Escape single quotes in item URLs. Fixes arbitrary
      code execution. Patch from Debian.
    - References:
      + CVE-2008-3907