Advisories ยป MGASA-2014-0341

Updated catfish package fixes CVE-2014-2093

Publication date: 21 Aug 2014
Type: security
Affected Mageia releases : 3
CVE: CVE-2014-2093

Description

Updated catfish package fixes security vulnerability:

Untrusted search path vulnerability in Catfish allows local users to gain
privileges via a Trojan horse catfish.py in the current working directory
(CVE-2014-2093).

Additionally, the update fixes the application icon symlink and a crash when
some icons are missing from the icon theme.
                

References

SRPMS

3/core