Advisories » MGASA-2016-0001

Updated pitivi packages fix security vulnerability

Publication date: 09 Jan 2016
Modification date: 09 Jan 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-0855

Description

In pitivi before 0.95, double-clicking a file in the user's media library
with a specially-crafted path or filename allows for arbitrary code
execution with the permissions of the user running Pitivi (CVE-2015-0855).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=17393
• http://openwall.com/lists/oss-security/2015/12/23/8
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0855

SRPMS

5/core

• pitivi-0.94-3.1.mga5