Debian Security Advisory
DLA-1063-1 extplorer -- LTS security update
- Date Reported:
- 21 Aug 2017
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2017-12756.
- More information:
Fix command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile parameter.
For Debian 7
Wheezy, these problems have been fixed in version 2.1.0b6+dfsg.3-4+deb7u5.
We recommend that you upgrade your extplorer packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS