-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 3.0 (quilt) Source: xdg-utils Binary: xdg-utils Architecture: all Version: 1.1.0~rc1+git20111210-6+deb7u3 Maintainer: Per Olofsson <[email protected]> Uploaders: Fathi Boudra <[email protected]> Homepage: http://portland.freedesktop.org/ Standards-Version: 3.9.2 Vcs-Browser: http://git.debian.org/?p=collab-maint/xdg-utils.git Vcs-Git: git://git.debian.org/git/collab-maint/xdg-utils.git Build-Depends: debhelper (>= 8), xmlto, mawk | awk, w3m Package-List: xdg-utils deb utils optional Checksums-Sha1: 5ff3bdce38395b73ebc499fd206685e4eb5ebfc5 327534 xdg-utils_1.1.0~rc1+git20111210.orig.tar.gz 033d643da189a74a59d58a29cac8231931dacc6a 11940 xdg-utils_1.1.0~rc1+git20111210-6+deb7u3.debian.tar.gz Checksums-Sha256: cb1a9898d5c6dbf23d924e3d6b12df8ea2ab883380bda1f0d4b010bd86fd2015 327534 xdg-utils_1.1.0~rc1+git20111210.orig.tar.gz 08e6dbca542b95f47a3deba02dbd07547e7ad7e71331d11c71f656b82d7bc32a 11940 xdg-utils_1.1.0~rc1+git20111210-6+deb7u3.debian.tar.gz Files: 1238359ea2c99246e1ba8292c4eabd32 327534 xdg-utils_1.1.0~rc1+git20111210.orig.tar.gz bdbb6d9b6d08c43c241b7e72ee0615fa 11940 xdg-utils_1.1.0~rc1+git20111210-6+deb7u3.debian.tar.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQQcBAEBCgAGBQJU6U65AAoJELjWss0C1vRzOWEgALvInk835dCMKdqbhofD+Hop qvtNY9pBjirEO12fg0+DNQGdQjrh0Jync5H3ynrCktphPLItBF9i2fP1KWwBp/// YS2xtU3agl44GOZ/5fWvD0Sj6URNodNxYi29QUmndbSCvqddg54nydCHLVtymbLC 9lobrqWv5lb38Nodk9eZCurG2UB/K2TObA76BqwENt4uEs0degBOUA3BHJov5ybC uwcVU3RuVxCne//EuZlDPCroWragg01aRyi2Kj6oFO479FQGAeYbllczl7Pc8er/ nxYgSj/jydkMwviCZiw6XbpfPtbzBtEk2rUSsxg7x57bIpHiaEkRxZJFELDsexea PZCVv77UuZkykf5cREJMkw9kpW7rwAy1I4biUIHQejaeo5X0eEeJZ5ZuDzhK769f /O3KNdMWx8duWM0nk9lynQBInktx07/1roeBi1KMQJyGgEwUFWPSJJwBsidFJT3O y78ZfhMNXrGkB9/wkxtqWlXj+1R5MLQ0DgQ8L0wNDYj3e5DPTm0ELWrlho2QXeWs QmDtfPZm2DxxbdiZZ9ajdl7rYDmv19Wu0HWAPWyB9oUmQ6FMzsWjIC2WimbGBMw0 5LPLHnguHbNc8xvNlqscaLaWbWvh1SagLq70J9hD1ZGnAv5D7JupGeI7WTFcpRJf BZqYolClabaw0y6E56irUddVfPIj1Pq4dvc7zkg0T4L3wIZs3uS/hQJ4V20QXlTy 17MyOO5WXv0R0R8Gti6CF2MZENR/apB/SBpXj5FVj+LUyz4Q/O3351/ec5q6C2p0 nB7XEMFq83ukefiAAbR+Qq16vQuyXyFOn0KHHDllUIFHGPquVp/uw4E5XUai7HYI B/V2kLGNz1rDmCYMt9FVQrBy2bgS7QQlOji3QQOpCBhABbwH46K1Wjybd/gCbOGx DnYpXT+6JNrql/5cQrEtBNPv27ZAysXKSVHYyefqcEKqOc/xM4UmtRA0vgyye82j XkRek7CnK4CRqOu+Wo7/TgZ0t/9eo/BBJWvp/oJeEohGZDOgGFGfs5evQlv6Runp fEqD7cFwiTViwFEJViThg7A9mY3bGo10fAJ6Syj9ZREU1afzPH10xAQUOAb2rmUp 7NriIkq/SWhkWfBKoAtk7PR0r7uQmNjYixRvK/W5LyB7N4BsXP0hQGUGD8n17+mj MaOSjJabHkRm7ANcBeXoDUtbCZhPbCyrZcLCktNSiSfb86y64qkLXAGE+PJm9+jX nO5nxukzvs5o0tAyxWi5Q/L+ywE8ROVQCds3J6AeGn4Ii6JclJTDpgTX9Y+9z7dx pNvofiAXdFWXMq/9lmBaNoCflmrXAlphUW7HXhDuDrrT6r0WMsNBfcKJF8aIKI0= =9kt7 -----END PGP SIGNATURE----- Changes: xdg-utils (1.1.0~rc1+git20111210-6+deb7u3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix CVE-2015-1877: command injection vulnerability in xdg-open due to not really local variables in dash (closes: #777722). -- Michael Gilbert <[email protected]> Sun, 22 Feb 2015 03:29:59 +0000