| Summary: | newsbeuter CLI RSS feed | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | thomas bjo <thomasbjornvold> |
| Component: | New RPM package request | Assignee: | All Packagers <pkg-bugs> |
| Status: | NEW --- | QA Contact: | |
| Severity: | enhancement | ||
| Priority: | Normal | CC: | abbuyy, marja11, zombie_ryushu |
| Version: | Cauldron | ||
| Target Milestone: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| URL: | http://newsbeuter.org/index.html | ||
| Whiteboard: | |||
| Source RPM: | newsbeuter | CVE: | |
| Status comment: | |||
|
Description
thomas bjo
2012-10-08 12:06:20 CEST
Manuel Hiebel
2012-11-11 00:46:25 CET
Source RPM:
http://rpm.pbone.net/index.php3/stat/4/idpl/18535359/dir/mandriva_2011/com/newsbeuter-debug-2.5-1-mdv2011.0.i586.rpm.html =>
newsbeuter Good program. CC:
(none) =>
abbuyy
Klava Petrenko
2014-02-17 16:02:12 CET
Version:
Cauldron =>
4
Marja Van Waes
2015-09-21 10:40:39 CEST
CC:
(none) =>
marja11 Assigning this package request to all packagers collectively. On a voluntary basis, one of them might want to integrate it to the distribution and maintain it for bug and security fixes. You might also want to join the packager team to maintain this piece of software: see https://wiki.mageia.org/en/Becoming_a_Mageia_Packager Assignee:
bugsquad =>
pkg-bugs It was discovered that podbeuter, the podcast fetcher in newsbeuter, a text-mode RSS feed reader, did not properly escape the name of the media enclosure (the podcast file), allowing a remote attacker to run an arbitrary shell command on the client machine. This is only exploitable if the file is also played in podbeuter. So if we ever package this, https://www.debian.org/security/2017/dsa-3977 CC:
(none) =>
zombie_ryushu |