Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Nautilus: Denial of Service — GLSA 202408-17

A vulnerability has been discovered in Nautilus, which can lead to a denial of service.

Affected packages

Package gnome-base/nautilus on all architectures
Affected versions < 44.0
Unaffected versions >= 44.0

Background

Default file manager for the GNOME desktop

Description

Please review the CVE identifier referenced below for details.

Impact

GNOME Nautilus allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive.

Workaround

There is no known workaround at this time.

Resolution

All Nautilus users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=gnome-base/nautilus-44.0"

References

Release date
August 09, 2024

Latest revision
August 09, 2024: 1

Severity
normal

Exploitable
local

Bugzilla entries