GKSu: Arbitrary command execution

2018-12-30T00:00:00
ID GLSA-201812-10
Type gentoo
Reporter Gentoo Foundation
Modified 2018-12-30T00:00:00

Description

Background

A library that provides a Gtk+ frontend to su and sudo.

Description

A vulnerability was discovered in GKSu’s gksu-run-helper.

Impact

An attacker could execute arbitrary commands.

Workaround

There is no known workaround at this time.

Resolution

Gentoo has discontinued support for GKSu and recommends that users unmerge the package:

 # emerge --unmerge "x11-libs/gksu"