Summary: | <gnome-base/gvfs-1.40.2: Multiple vulnerabilities (CVE-2019-{12447,12448,12449,12795}) | | |
---|---|---|---|
Product: | Gentoo Security | Reporter: | Kristian Fiskerstrand (RETIRED) <k_f> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | | |
Severity: | minor | CC: | gnome |
Priority: | Normal | | |
Version: | unspecified | | |
Hardware: | All | | |
OS: | Linux | | |
URL: | https://mail.gnome.org/archives/ftp-release-list/2019-July/msg00048.html | | |
Whiteboard: | B3 [noglsa cve] | | |
Package list: | gnome-base/gvfs-1.40.2 | | |
Runtime testing required: | --- | | |
Bug Depends on: | 685254 | | |
Bug Blocks: | | | |
Description
Kristian Fiskerstrand (RETIRED)
2019-07-18 12:28:46 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=885e8c1e16f17802d657b7c0079aaa4bc18d01e3

commit 885e8c1e16f17802d657b7c0079aaa4bc18d01e3
Author:     Mart Raudsepp <leio@gentoo.org>
AuthorDate: 2019-07-23 18:20:20 +0000
Commit:     Mart Raudsepp <leio@gentoo.org>
CommitDate: 2019-07-23 18:20:39 +0000

    gnome-base/gvfs: security bump to 1.38.3

    Bug: https://bugs.gentoo.org/690144
    Package-Manager: Portage-2.3.62, Repoman-2.3.12
    Signed-off-by: Mart Raudsepp <leio@gentoo.org>

 gnome-base/gvfs/Manifest                        |   1 +
 .../gvfs/files/1.38.3-gvfsdaemon-rpath.patch    |  35 ++++++
 gnome-base/gvfs/gvfs-1.38.3.ebuild              | 136 +++++++++++++++++++++
 3 files changed, 172 insertions(+)

arm64 stable

x86 stable

amd64 stable

ppc64 stable

ppc stable

sparc stable

alpha stable

arm stable

re-adding arm, since I'm currently unable to push stuff (due to my outdated key) - sorry about that...

arm stable

ia64, please wake up

commit 354b35983ebf3517f5c7201f600f6181eb9c74ee
Author: Mart Raudsepp <leio@gentoo.org>
Date:   Sat Jan 11 21:48:54 2020 +0200

    gnome-base/gvfs: ia64 stable (bug #685254)

Tree is clean. Resetting sanity check; keywords are not fully specified and arches are not CC-ed.

CVE-2019-12447
CVE ID: CVE-2019-12447
Summary: An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used.
Published: 2019-05-29T17:29:00.000Z
--------------------------------------------------------------------------------
State: ASSIGNED
Bugs: https://bugs.gentoo.org/690144

CVE-2019-12448
CVE ID: CVE-2019-12448
Summary: An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement query_info_on_read/write.
Published: Not yet published
--------------------------------------------------------------------------------
State: ASSIGNED
Bugs: https://bugs.gentoo.org/690144

CVE-2019-12449
CVE ID: CVE-2019-12449
Summary: An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable.
Published: 2019-05-29T17:29:00.000Z
--------------------------------------------------------------------------------
State: ASSIGNED
Bugs: https://bugs.gentoo.org/690144

CVE-2019-12795
CVE ID: CVE-2019-12795
Summary: daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. (Note that the server socket only accepts a single connection, so the attacker would have to discover the server and connect to the socket before its owner does.)
Published: Not yet published
--------------------------------------------------------------------------------
State: ASSIGNED
Bugs: https://bugs.gentoo.org/690144

GLSA Vote: No

Thank you all for your work. Closing as [noglsa].