Changeset 600ea420 for xsoft/other/xdg-utils.xml
- Timestamp:
- 02/12/2024 11:58:40 PM (4 months ago)
- Branches:
- 12.1, ken/TL2024, lazarus, trunk, xry111/llvm18
- Children:
- 89c7c42a, 9e51948
- Parents:
- a7b74d67
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
xsoft/other/xdg-utils.xml
ra7b74d67 r600ea420 32 32 It is required for Linux Standards Base (LSB) conformance. 33 33 </para> 34 35 <warning>36 <para>37 A security vulnerability exists in all versions of38 <application>xdg-utils</application> from version 1.1.0rc1 when handling39 mailto: URIs. An attacker could potentially send a victim a URI that40 automatically attaches a sensitive file to a new email. If a victim user41 does not notice that an attachment was added and sends the email, this42 could result in sensitive information disclosure.43 </para>44 45 <para>46 To mitigate this flaw, either do not use mailto links at all, or always47 double-check in the user interface that there are no unwanted attachments48 before sending emails, especially when the email originates from clicking49 on a mailto link.50 </para>51 </warning>52 34 53 35 &lfs120_checked;
Note:
See TracChangeset
for help on using the changeset viewer.