Description of problem: Media script (/usr/share/apps/konversation/scripts/media) that is distributed with konversation package reportedly does not escape tags from media files corrctly allowing command injection into IRC channel. See URL for details.
Dennis: so what about this? Could you please update vulnerable versions? I think that the best way would be to just remove the script.
konversation-1.0.1-4.fc8 has been submitted as an update for Fedora 8
konversation-1.0.1-4.fc7 has been submitted as an update for Fedora 7
konversation-1.0.1-4.fc8 has been pushed to the Fedora 8 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update konversation'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-2062
konversation-1.0.1-4.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
konversation-1.0.1-4.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
There is no need to remove media script from konversation. I tried CR LF on id3tag and it just wrote the text underlined. I'm not sure this deletion is a true solution. Could anyone provide a proof-of-concept for it?
This issue was addressed in: Fedora: https://admin.fedoraproject.org/updates/F7/FEDORA-2008-2122 https://admin.fedoraproject.org/updates/F8/FEDORA-2008-2062