evince 3.22.1-4 source package in Debian
Changelog
evince (3.22.1-4) unstable; urgency=high * d/p/comics-Remove-support-for-tar-and-tar-like-commands.patch: Fix possible command injection vulnerability in CBT handler, this patch removes handling of the CBT file format completely and evince now requires unrar, unzip or 7z to open cbr, cbz or cb7 files (CVE-2017-1000083) Discovered by Felix Wilhelm from the Google Security Team. -- Laurent Bigonville <email address hidden> Thu, 13 Jul 2017 15:47:05 +0200
Upload details
- Uploaded by:
- Debian GNOME Maintainers
- Uploaded to:
- Sid
- Original maintainer:
- Debian GNOME Maintainers
- Architectures:
- any all
- Section:
- gnome
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section |
---|
Builds
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
evince_3.22.1-4.dsc | 2.7 KiB | e022d6c61aa98bd0b497e90e7d048f532479824a7aa429432924a64aa492228e |
evince_3.22.1.orig.tar.xz | 3.2 MiB | f3d439db3b5a5745d26175d615a71dffa1535235b1e3aa0b85d397ea33ab231c |
evince_3.22.1-4.debian.tar.xz | 28.5 KiB | 2a838676422349b1e15d2bab199bbec31ced33a7f54b8b851b186e0ca3cd5ded |
No changes file available.