Commit a097f13f authored by David Faure

Add ruqola advisory

CCMAIL: kde-security-preannounce@kde.org
parent a33d4826
KDE Project Security Advisory
=============================
Title: Ruqola: server info dialog can execute local binary
Risk Rating: Low
Versions: Ruqola <= 1.8.1
Author: David Faure <faure@kde.org>
Date: 24 November 2022
Overview
========
A user can be tricked into launching a local executable from Ruqola.
An attacker could document that users should configure a rocket chat server with a local file URL pointing to an executable. Uninformed users who would then click on the URL in the "Server Info" dialog box would end up launching this local executable unexpectedly.
Impact
======
Depends on the local executable being launched.
If the attacker ensures that a malicious shell script exists somewhere in the system
first, by other means, this could be a way to get the user to execute it.
Workaround
==========
Not clicking on the "Server URL" in the "Server Info" dialog box.
Solution
========
Update to Ruqola 5.8.2
or apply this patch: https://invent.kde.org/network/ruqola/-/commit/2c4ad7efd0fd30c
Credits
=======
Thanks to Mishra Dhiraj for reporting the issue.
Thanks to Laurent Montel for fixing the issue.
Thanks to both of them for reviewing the advisory.
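Review bot: the Versions and Solution lines of the advisory disagree: "Versions: Ruqola <= 1.8.1" gives the affected range, while "Update to Ruqola 5.8.2" names a fixed release in a different major series, so one of the two numbers is a typo that should be corrected before the advisory is sent out. The Date field ("24 November 2022") also does not match the 2022-11-29 date carried by the advisory file name and the index entry added in the same commit; pick one date for all three. Minor style point: "rocket chat" in the Overview should be written as the product name, Rocket.Chat.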
......@@ -38,6 +38,7 @@ The KDE Security Advisories are crosslinked in the KDE Information Pages of
the KDE versions to which they apply to. The listing below is in chronological
order.
+ <a href="./advisory-20221129-1.txt">2022-11-29 Ruqola: server info dialog can execute local binary</a>
+ <a href="./advisory-20220216-1.txt">2022-02-16 kcron: Invalid temporary file handling.</a>
+ <a href="./advisory-20220131-1.txt">2022-01-31 KTextEditor/Kate: Missing validation of binaries executed via QProcess.</a>
+ <a href="./advisory-20211118-1.txt">2021-11-18 KMail: Encryption is ignored when "Server requires authentication" not checked in UI.</a>
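Review bot: the new entry's date (2022-11-29) and file name advisory-20221129-1.txt disagree with the Date field of the advisory text added in this commit (24 November 2022); align them so the index and the advisory agree. Also, the hunk header `@@ -38,6 +38,7 @@` declares exactly one added line, yet the kcron, KTextEditor/Kate and KMail entries below the Ruqola line also carry a `+` marker; only the Ruqola line should be new, so confirm those three existing entries are unchanged context and not duplicated.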