21824 – nautilus new security issue CVE-2017-14604

Bug 21824 - nautilus new security issue CVE-2017-14604

Summary: nautilus new security issue CVE-2017-14604

Status:	RESOLVED OLD

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	5
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	GNOME maintainers
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2017-10-10 00:30 CEST by David Walser
Modified:	2017-12-29 17:39 CET (History)
CC List:	1 user (show)

See Also:
Source RPM:	nautilus-3.14.2-1.1.mga5.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2017-10-10 00:30:58 CEST

Debian has issued an advisory on October 7:
https://www.debian.org/security/2017/dsa-3994

Mageia 5 and Mageia 6 are also affected.

David Walser 2017-10-10 00:31:04 CEST

Whiteboard: (none) => MGA6TOO, MGA5TOO

Marja Van Waes 2017-10-10 15:02:15 CEST

Assignee: bugsquad => gnome
CC: (none) => marja11

Comment 1 David Walser 2017-12-29 17:39:16 CET

Patch for this is already upstream as of the version we have in Mageia 6.

Debian's patch doesn't come close to applying for Mageia 5, so we won't fix this.

Version: Cauldron => 5
Whiteboard: MGA6TOO, MGA5TOO => (none)
Resolution: (none) => OLD
Source RPM: nautilus-3.26.0-2.mga7.src.rpm => nautilus-3.14.2-1.1.mga5.src.rpm
Status: NEW => RESOLVED

Note You need to log in before you can comment on or make changes to this bug.