Ignore:
Timestamp:
02/12/2024 11:58:40 PM (4 months ago)
Author:
Bruce Dubbs <bdubbs@…>
Branches:
12.1, ken/TL2024, lazarus, trunk, xry111/llvm18
Children:
89c7c42a, 9e51948
Parents:
a7b74d67
Message:

Remove warning that is no longer valid

File:
1 edited

Legend:

Unmodified
Added
Removed

  • xsoft/other/xdg-utils.xml

    ra7b74d67 r600ea420  
    3232      It is required for Linux Standards Base (LSB) conformance.
    3333    </para>
    34 
    35     <warning>
    36       <para>
    37         A security vulnerability exists in all versions of
    38         <application>xdg-utils</application> from version 1.1.0rc1 when handling
    39         mailto: URIs. An attacker could potentially send a victim a URI that
    40         automatically attaches a sensitive file to a new email. If a victim user
    41         does not notice that an attachment was added and sends the email, this
    42         could result in sensitive information disclosure.
    43       </para>
    44 
    45       <para>
    46         To mitigate this flaw, either do not use mailto links at all, or always
    47         double-check in the user interface that there are no unwanted attachments
    48         before sending emails, especially when the email originates from clicking
    49         on a mailto link.
    50       </para>
    51     </warning>
    5234
    5335    &lfs120_checked;
Note: See TracChangeset for help on using the changeset viewer.