A vulnerability was found in FileZilla which might allow privilege escalation.
|Package||net-ftp/filezilla on all architectures|
|Affected versions||< 126.96.36.199|
|Unaffected versions||>= 188.8.131.52|
FileZilla is an open source FTP client.
It was discovered that FileZilla uses an untrusted search path.
An attacker could use a malicious binary to escalate privileges.
There is no known workaround at this time.
All FileZilla users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-ftp/filezilla-184.108.40.206"
July 27, 2020
July 27, 2020: 1