** Changed in: ubuntu-mate
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1466633
Title:
Pluma Plugin "Snippets" Manager - Shell Command Injection
To
This bug was fixed in the package pluma - 1.12.2-2
---
pluma (1.12.2-2) unstable; urgency=medium
[ Martin Wimpress ]
* debian/patches:
+ Add _prevent_shell_code_injection.patch. Closes (LP: #1466633)
[ Mike Gabriel ]
* debian/control:
+ Bump Standards: to 3.9.7.
** Changed in: ubuntu-mate
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1466633
Title:
Pluma Plugin "Snippets" Manager - Shell Command Injection
To
** Changed in: ubuntu-mate
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1466633
Title:
Pluma Plugin "Snippets" Manager - Shell Command Injection
To manage
** Changed in: ubuntu-mate
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1466633
Title:
Pluma Plugin "Snippets" Manager - Shell Command Injection
To manage
** Changed in: pluma (Ubuntu)
Status: Incomplete => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1466633
Title:
Pluma Plugin "Snippets" Manager - Shell Command Injection
To
I attached a patch witch solves the problem.
I have tested it with gedit 3.10.4 and Ubuntu 15.10
Should be the same in pluma.
** Patch added: "Patch for gedit importer.py"
https://bugs.launchpad.net/gedit/+bug/1466633/+attachment/4504703/+files/importer.py_Patch.diff
--
You received this
The attachment "Patch for gedit importer.py" seems to be a patch. If it
isn't, please remove the "patch" flag from the attachment, remove the
"patch" tag, and if you are a member of the ~ubuntu-reviewers,
unsubscribe the team.
[This is an automated message performed by a Launchpad user owned by
** Also affects: ubuntu-mate
Importance: Undecided
Status: New
** Also affects: gedit
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1466633
Also, I question the security relevancy of this report. It requires
quite a few actions from the user and I doubt an attacker could pull
such an attack off. I'd suggest taking this issue to the upstream
project but feel like it has negligible security impact.
--
You received this bug
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1466633
Title:
Pluma Plugin Snippets Manager - Shell Command Injection
To manage
Same problem with gedit 2.30.4 in Linux Mint 17.1 Rebecca
Watch my (german) Shell Command Injection Demo Video at Timecode
10:00min
https://www.youtube.com/watch?v=abP76r-2js0
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
13 matches
Mail list logo
