This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsaid="201812-10">
<title>GKSu: Arbitrary command execution</title>
<synopsis>A vulnerability in GKSu might allow attackers to execute arbitrary
commands.
</synopsis>
<producttype="ebuild">gksu</product>
<announced>2018-12-30</announced>
<revisedcount="1">2018-12-30</revised>
<bug>534540</bug>
<access>remote</access>
<affected>
<packagename="x11-libs/gksu"auto="yes"arch="*">
<vulnerablerange="le">2.0.2</vulnerable>
</package>
</affected>
<background>
<p>A library that provides a Gtk+ frontend to su and sudo.</p>
</background>
<description>
<p>A vulnerability was discovered in GKSu’s gksu-run-helper.</p>
</description>
<impacttype="normal">
<p>An attacker could execute arbitrary commands.</p>
</impact>
<workaround>
<p>There is no known workaround at this time.</p>
</workaround>
<resolution>
<p>Gentoo has discontinued support for GKSu and recommends that users