Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
Please unblock package docx2txt [ Reason ] Fix mime security issue: '%s' [ Impact ] Potential vulnerability, or package unavailable if #985594 causes its removal. [ Tests ] none [ Risks ] change is trivial [ Checklist ] [X] all changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in testing unblock docx2txt/1.4-5 $ debdiff diff -Nru docx2txt-1.4/debian/changelog docx2txt-1.4/debian/changelog --- docx2txt-1.4/debian/changelog 2020-12-11 21:56:27.000000000 +0000 +++ docx2txt-1.4/debian/changelog 2021-03-20 17:13:44.000000000 +0000 @@ -1,3 +1,9 @@ +docx2txt (1.4-5) unstable; urgency=medium + + * Address security issue: do not quote %s in mailcap entry (closes: #985594) + + -- Barak A. Pearlmutter <b...@debian.org> Sat, 20 Mar 2021 17:13:44 +0000 + docx2txt (1.4-4) unstable; urgency=medium * debian/rules does not require root diff -Nru docx2txt-1.4/debian/docx2txt.mime docx2txt-1.4/debian/docx2txt.mime --- docx2txt-1.4/debian/docx2txt.mime 2020-12-11 21:55:16.000000000 +0000 +++ docx2txt-1.4/debian/docx2txt.mime 2021-03-20 17:12:47.000000000 +0000 @@ -1 +1 @@ -application/vnd.openxmlformats-officedocument.wordprocessingml.document; docx2txt '%s' - ; copiousoutput; description=Office Open XML Document +application/vnd.openxmlformats-officedocument.wordprocessingml.document; docx2txt %s - ; copiousoutput; description=Office Open XML Document
