Summary: | <net-misc/networkmanager-vpnc-1.2.6: privilege escalation allows to execute arbitrary commands as root (CVE-2018-10900) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Florian Schuhmacher <mynt1aa> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gnome |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://gitlab.gnome.org/GNOME/NetworkManager-vpnc/commit/07ac18a32b4 | ||
Whiteboard: | B2 [glsa+ cve] | ||
Package list: |
net-misc/networkmanager-vpnc-1.2.6
|
Runtime testing required: | --- |
Description
Florian Schuhmacher
2018-07-21 03:05:34 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3cf88f8d4ae9db896054b12a03ff17e495adbdfd commit 3cf88f8d4ae9db896054b12a03ff17e495adbdfd Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2018-07-24 23:48:52 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2018-07-24 23:49:32 +0000 net-misc/networkmanager-vpnc: security bump to 1.2.6 Bug: https://bugs.gentoo.org/661712 Package-Manager: Portage-2.3.43, Repoman-2.3.10 net-misc/networkmanager-vpnc/Manifest | 1 + .../networkmanager-vpnc-1.2.6.ebuild | 49 ++++++++++++++++++++++ 2 files changed, 50 insertions(+) amd64 stable x86 stable GLSA filled. Acked-by: ChrisADR Michael Boyle Security Padawan. GLSA filled. Acked-by: ChrisADR Michael Boyle Security Padawan. This issue was resolved and addressed in GLSA 201808-03 at https://security.gentoo.org/glsa/201808-03 by GLSA coordinator Thomas Deutschmann (whissi). |