Package: newsbeuter / 2.8-2+deb8u2
Patch seriesview the series file
|1 fix RCE on bookmark.patch | (download)||
7 4 + 3 - 0 !
fix a rce vulnerability on the bookmark command Newsbeuter didn't properly escape the title and description fields before passing them to the bookmarking program which could lead to remote code execution using the shells command substitution functionality (e.g. "$()", ``, etc)
|2 Work around shell code in podcast names 598.patch | (download)||
work around shell code in podcast names (#598)