1 ignored security issue in stretch

package:
gksu
severity:
low
created:
2015-07-12
last updated:
2019-10-21

There is 1 open security issue in stretch.
1 issue skipped by the security teams:
  • CVE-2014-2886: GKSu 2.0.2, when sudo-mode is not enabled, uses " (double quote) characters in a gksu-run-helper argument, which allows attackers to execute arbitrary commands in certain situations involving an untrusted substring within this argument, as demonstrated by an untrusted filename encountered during installation of a VirtualBox extension pack.
Please fix it.