FS#54070 : [pcmanfm] [Security] denial of service (CVE-2017-8934)

FS#54070 - [pcmanfm] [Security] denial of service (CVE-2017-8934)

Attached to Project: Community Packages
Opened by Jelle van der Waa (jelly) - Monday, 15 May 2017, 18:47 GMT
Last edited by Balló György (City-busz) - Sunday, 18 June 2017, 09:23 GMT

Task Type	Bug Report
Category	Packages
Status	Closed
Assigned To	Balló György (City-busz) Levente Polyak (anthraxx)
Architecture	All
Severity	Medium
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	1 Pascal Ernster (hardfalcon) (2017-05-16)
Private	No

Details

Summary
=======

The package pcmanfm is vulnerable to denial of service via CVE-2017-8934.

Guidance
========

Upstream has a patch for this issue:
https://git.lxde.org/gitweb/?p=lxde/pcmanfm.git;a=blobdiff;f=src/single-inst.c;h=aaf84abc4a528ceaebb420cc96d52486baf4924b;hp=62c37b30bb7cc209203d076a0b7a99dd13c351ba;hb=bc8c3d871e9ecc67c47ff002b68cf049793faf08;hpb=43fcebfc71d7d5d07ab45539536694c27b87df9e

References
==========

https://security.archlinux.org/AVG-274
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862571
https://git.lxde.org/gitweb/?p=lxde/pcmanfm.git;a=commitdiff;h=bc8c3d871e9ecc67c47ff002b68cf049793faf08

This task depends upon

Closed by Balló György (City-busz)
Sunday, 18 June 2017, 09:23 GMT
Reason for closing: Fixed
Additional comments about closing: pcmanfm 1.2.5-2 and pcmanfm-gtk3 1.2.5-2

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#54070 - [pcmanfm] [Security] denial of service (CVE-2017-8934)

Details

Loading...