Overview

File _patchinfo of Package patchinfo.7707

<patchinfo incident="7707">
  <issue id="1059057" tracker="bnc">VUL-0: CVE-2017-14500: newsbeuter: Improper Neutralization of Special Elements used in an OS Command in the podcastplayback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remoteattackers to perform user-assisted code execution by crafting</issue>
  <issue id="2017-14500" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>jubalh</packager>
  <description>This update for newsbeuter fixes one issues.

This security issue was fixed:

- CVE-2017-14500: Improper Neutralization of special elements allowed remote
  attackers to perform user-assisted code execution by crafting an RSS item with
  a media enclosure that includes shell metacharacters in its filename
  (bsc#1059057).
</description>
  <summary>Security update for newsbeuter</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places