Описание
Security update for evince
This update for evince provides the following fix:
- CVE-2017-1000159: Prevent command line injections via filenames when printing to a file. (bsc#1070046)
Список пакетов
SUSE Linux Enterprise Server 11 SP4
evince-2.28.2-0.7.3.1
evince-doc-2.28.2-0.7.3.1
evince-lang-2.28.2-0.7.3.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
evince-2.28.2-0.7.3.1
evince-doc-2.28.2-0.7.3.1
evince-lang-2.28.2-0.7.3.1
SUSE Linux Enterprise Software Development Kit 11 SP4
evince-devel-2.28.2-0.7.3.1
Ссылки
- Link for SUSE-SU-2018:0639-1
- E-Mail link for SUSE-SU-2018:0639-1
- SUSE Security Ratings
- SUSE Bug 1070046
- SUSE CVE CVE-2017-1000159 page
Описание
Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:evince-2.28.2-0.7.3.1
SUSE Linux Enterprise Server 11 SP4:evince-doc-2.28.2-0.7.3.1
SUSE Linux Enterprise Server 11 SP4:evince-lang-2.28.2-0.7.3.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:evince-2.28.2-0.7.3.1
Ссылки
- CVE-2017-1000159
- SUSE Bug 1070046