Updated isodumper package fixes command injection
Publication date: 09 Oct 2015Modification date: 09 Oct 2015
Type: security
Affected Mageia releases : 5
Description
The volume label text could be injected and executed as a shell command in raw_format.py from isodumper.
References
SRPMS
5/core
- isodumper-0.43-1.mga5