Bug#982953: openshot-qt has mailcap entries with quoted %-escapes

To: submit@bugs.debian.org
Subject: Bug#982953: openshot-qt has mailcap entries with quoted %-escapes
From: Marriott NZ <marriott99@gmx.com>
Date: Wed, 17 Feb 2021 11:08:38 +0100
Message-id: <[🔎] trinity-1bc135a1-70f6-4766-8554-279714787b5c-1613556518353@3c-app-mailcom-bs01>
Reply-to: Marriott NZ <marriott99@gmx.com>, 982953@bugs.debian.org

Package: openshot-qt
Version: 2.5.1+dfsg1-1
Tags: security

Dear Maintainer,
the openshot-qt package has mailcap entries with quoted %-escapes. That is considered unsafe. Proper escaping should be left to the programs using the entry.

This Lintian tag is triggered:
https://lintian.debian.org/tags/quoted-placeholder-in-mailcap-entry.html

See also grave bug #930908, which was recently closed because "a Lintian test already exists":
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930908

I'm using the "security" tag because the affected rules in combination with certain mail user agents (or document openers) are the cause of a shell command injection vulnerability.

/usr/lib/mime/packages/openshot-qt should be changed from:

 application/vnd.openshot-qt-project; /usr/bin/openshot-qt '%s'; test=test -n "$DISPLAY"; priority=5

to:

 application/vnd.openshot-qt-project; /usr/bin/openshot-qt %s; test=test -n "$DISPLAY"; priority=5

If you need more information let me know.

Thanks,
MNZ

Reply to:

Prev by Date: Bug#982952: flowblade has mailcap entries with quoted %-escapes
Next by Date: Bug#982964: zam-plugins should build verbosely
Previous by thread: Bug#982952: marked as done (flowblade has mailcap entries with quoted %-escapes)
Next by thread: Bug#982964: zam-plugins should build verbosely
Index(es):
- Date
- Thread