Liferea Update Closes Security Hole

Oct 31, 2007

The new stable version 1.4.6 of the Liferea newsfeed reader fixes several bugs including a vulnerability.

In the release notes Lars Lindner reports that a bug concerning backups of the "feedlist.opml" file has been fixed. This is the file that Liferea uses to store the user’s news sources. After writing feedlist.opml, the program set incorrect permissions when creating the backup file. Local users could have exploited this to sniff passwords and user accounts on the system.

The vulnerability affects all versions including the current 1.4.6 version. Users are advised to update. The bugfix release is available as a source code archive from Sourceforge.

Related content

comments powered by Disqus

Issue 208/2018

Buy this issue as a PDF

Digital Issue: Price $9.99
(incl. VAT)


njobs Europe
Njobs Netherlands Njobs Deutschland Njobs United Kingdom Njobs Italia Njobs France Njobs Espana Njobs Poland
Njobs Austria Njobs Denmark Njobs Belgium Njobs Czech Republic Njobs Mexico Njobs India Njobs Colombia