diff options
| author | Mark Felder <feld@FreeBSD.org> | 2015-09-17 16:19:49 +0000 |
|---|---|---|
| committer | Mark Felder <feld@FreeBSD.org> | 2015-09-17 16:19:49 +0000 |
| commit | 41878ed3b1767bc20f54dbbd2038a9e8bcf420f9 (patch) | |
| tree | 73463f248a8f68e59f3330f3835134c95d99a289 | |
| parent | 8fa758df469a105950cc77916a790b4be93d2b40 (diff) | |
| download | ports-41878ed3b1767bc20f54dbbd2038a9e8bcf420f9.tar.gz ports-41878ed3b1767bc20f54dbbd2038a9e8bcf420f9.zip | |
MFH: r397124
Fix arbitrary code execution vulnerability
Security: CVE-2015-0854
Security: d45ad7ae-5d56-11e5-9ad8-14dae9d210b8
Approved by: ports-secteam (with hat)
Notes
Notes:
svn path=/branches/2015Q3/; revision=397125
| -rw-r--r-- | deskutils/shutter/Makefile | 2 | ||||
| -rw-r--r-- | deskutils/shutter/files/patch-CVE-2015-0854 | 12 |
2 files changed, 13 insertions, 1 deletions
diff --git a/deskutils/shutter/Makefile b/deskutils/shutter/Makefile index 16b2844c58f1..82bf7c5f1932 100644 --- a/deskutils/shutter/Makefile +++ b/deskutils/shutter/Makefile @@ -3,7 +3,7 @@ PORTNAME= shutter PORTVERSION= 0.93.1 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= deskutils MASTER_SITES= http://shutter-project.org/wp-content/uploads/releases/tars/ diff --git a/deskutils/shutter/files/patch-CVE-2015-0854 b/deskutils/shutter/files/patch-CVE-2015-0854 new file mode 100644 index 000000000000..58e82b0a88ff --- /dev/null +++ b/deskutils/shutter/files/patch-CVE-2015-0854 @@ -0,0 +1,12 @@ +--- share/shutter/resources/modules/Shutter/App/HelperFunctions.pm.orig 2015-09-17 16:09:58 UTC ++++ share/shutter/resources/modules/Shutter/App/HelperFunctions.pm +@@ -53,7 +53,8 @@ sub new { + + sub xdg_open { + my ( $self, $dialog, $link, $user_data ) = @_; +- system("xdg-open $link"); ++ @args = ("xdg-open", "$link"); ++ system(@args); + if($?){ + my $response = $self->{_dialogs}->dlg_error_message( + sprintf( $self->{_d}->get("Error while executing %s."), "'xdg-open'"), |