3.6-maintenance : lp:~trebelnik-stefina/cinnamon-test/+git/xreader : Git : Code : Cinnamon testing

Get this branch:: git clone -b 3.6-maintenance https://git.launchpad.net/~trebelnik-stefina/cinnamon-test/+git/xreader

Branch information

06042da... by Clement Lefebvre <email address hidden> on 2023-12-18

3.6.6

comics: Use unarr for rar support when using libarchive 3.4.

69fc872... by Clement Lefebvre <email address hidden> on 2023-12-18

3.6.5

dvi: Don't manually escape the exported filename.

Use g_shell_escape on the filename, as manually escaping can
allow command injection attacks.

9395f14... by Clement Lefebvre <email address hidden> on 2023-12-18

3.6.4

comics: Use libarchive to unpack documents [CVE-2023-44452].

This commit eliminates the use of external commands for opening
comic documents, and uses libarchive instead.

Fixes:
CVE-2023-44452 - Linux Mint Xreader CBT File Parsing Argument
Injection Remote Code Execution Vulnerability.

This vulnerability was discovered by:
Febin Mon Saji working with Trend Micro Zero Day Initiative

epub: Prevent path traversal when extracting files [CVE-2023-44451]

Test each file's resolved path against the temporary directory
before extracting.

Fixes:
CVE-2023-44451 - Linux Mint Xreader EPUB File Parsing Directory
Traversal Remote Code Execution Vulnerability.

This vulnerability was discovered by:
Febin Mon Saji working with Trend Micro Zero Day Initiative

6d3e57c... by Clement Lefebvre <email address hidden> on 2023-01-11

3.6.3

ps backend: disable pdf export using libspectre.

Pdf export doesn't work currently due to libspectre attempting
to use a no-longer-supported ghostscript operator (.setpdfwrite).

Fixes #562

ev-spectre (ps): Print any render error message before returning.

»