CVE-2021-23827: Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the "Explode message/Explode now" functionality. Local filesystem access is needed by the attacker. Fixed in 5.6.1. Please bump.
Package list is empty or all packages have requested keywords.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4c0821137568278280fc6bfee114f5924c546384 commit 4c0821137568278280fc6bfee114f5924c546384 Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2022-08-15 04:25:14 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-15 04:25:14 +0000 profiles: last rite app-crypt/keybase Bug: https://bugs.gentoo.org/772209 Signed-off-by: John Helmert III <ajak@gentoo.org> profiles/package.mask | 5 +++++ 1 file changed, 5 insertions(+)
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fa7c21416cd00b4093cdfc1348f12b0de816dd5d commit fa7c21416cd00b4093cdfc1348f12b0de816dd5d Author: Jakov Smolić <jsmolic@gentoo.org> AuthorDate: 2022-09-29 07:41:46 +0000 Commit: Jakov Smolić <jsmolic@gentoo.org> CommitDate: 2022-09-29 07:41:46 +0000 app-crypt/keybase: treeclean Closes: https://bugs.gentoo.org/747811 Closes: https://bugs.gentoo.org/844595 Closes: https://bugs.gentoo.org/772209 Closes: https://bugs.gentoo.org/682608 Closes: https://bugs.gentoo.org/658676 Closes: https://bugs.gentoo.org/667298 Signed-off-by: Jakov Smolić <jsmolic@gentoo.org> app-crypt/keybase/Manifest | 1 - app-crypt/keybase/keybase-5.1.1.ebuild | 52 ---------------------------------- app-crypt/keybase/keybase-9999.ebuild | 52 ---------------------------------- app-crypt/keybase/metadata.xml | 11 ------- profiles/package.mask | 5 ---- 5 files changed, 121 deletions(-)