Summary: | <sys-apps/dbus-1.12.16: authentication bypass through manipulated symlinks (CVE-2019-12749) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Lars Wendler (Polynomial-C) (RETIRED) <polynomial-c> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | freedesktop-bugs |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A1 [glsa+ cve] | ||
Package list: |
sys-apps/dbus-1.12.16
|
Runtime testing required: | --- |
Description
Lars Wendler (Polynomial-C) (RETIRED)
2019-06-12 07:28:33 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f9ebc0d9df37658801b5f733f6865d7d49cebab commit 3f9ebc0d9df37658801b5f733f6865d7d49cebab Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2019-06-12 07:29:39 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2019-06-12 07:30:13 +0000 sys-apps/dbus: Security bump to version 1.12.16 Bug: https://bugs.gentoo.org/687900 Package-Manager: Portage-2.3.67, Repoman-2.3.14 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> sys-apps/dbus/Manifest | 1 + sys-apps/dbus/dbus-1.12.16.ebuild | 286 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 287 insertions(+) Arches, please stabilize... sparc stable amd64 stable hppa stable x86 stable s390 stable ia64 stable ppc stable ppc64 stable alpha stable arm64 stable sh stable arm stable The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=833afb297c0c28a7c8110ceb1c8d380e46700661 commit 833afb297c0c28a7c8110ceb1c8d380e46700661 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2019-07-28 11:22:37 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2019-07-28 11:23:32 +0000 sys-apps/dbus: Security cleanup Bug: https://bugs.gentoo.org/687900 Package-Manager: Portage-2.3.69, Repoman-2.3.16 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> sys-apps/dbus/Manifest | 2 - sys-apps/dbus/dbus-1.12.12-r1.ebuild | 281 ---------------------------------- sys-apps/dbus/dbus-1.12.12-r2.ebuild | 287 ----------------------------------- sys-apps/dbus/dbus-1.12.14.ebuild | 286 ---------------------------------- 4 files changed, 856 deletions(-) This issue was resolved and addressed in GLSA 201909-08 at https://security.gentoo.org/glsa/201909-08 by GLSA coordinator Thomas Deutschmann (whissi). |