Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Maintenance:10541
patchinfo
_patchinfo
Overview
Details
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo
<patchinfo incident="10541"> <issue tracker="bnc" id="1137930">VUL-1: CVE-2019-12795: gvfs: attack via local D-Bus method calls</issue> <issue tracker="bnc" id="1136986">VUL-0: CVE-2019-12447: gvfs: mishandling of in file ownership in daemon/gvfsbackendadmin.c due to no use of setfsuid</issue> <issue tracker="bnc" id="1136992">VUL-0: CVE-2019-12449: gvfs: mishandling of file's user and group ownership in daemon/gvfsbackendadmin.c due to unavailability of root privileges</issue> <issue tracker="bnc" id="1136981">VUL-0: CVE-2019-12448: gvfs: race conditions in daemon/gvfsbackendadmin.c due to implementation of query_info_on_read/write at admin backend</issue> <issue tracker="bnc" id="1125433">gvfs: removal of /usr/share/polkit-1/rules.d/org.gtk.vfs.file-operations.rules</issue> <issue tracker="cve" id="2019-12795"/> <issue tracker="cve" id="2019-12447"/> <issue tracker="cve" id="2019-12448"/> <issue tracker="cve" id="2019-12449"/> <category>security</category> <rating>important</rating> <packager>mgorse</packager> <description>This update for gvfs fixes the following issues: Security issues fixed: - CVE-2019-12795: Fixed a vulnerability which could have allowed attacks via local D-Bus method calls (bsc#1137930). - CVE-2019-12447: Fixed an improper handling of file ownership in daemon/gvfsbackendadmin.c due to no use of setfsuid (bsc#1136986). - CVE-2019-12449: Fixed an improper handling of file's user and group ownership in daemon/gvfsbackendadmin.c (bsc#1136992). - CVE-2019-12448: Fixed race conditions in daemon/gvfsbackendadmin.c due to implementation of query_info_on_read/write at admin backend (bsc#1136981). Other issue addressed: - Drop polkit rules files that are only relevant for wheel group (bsc#1125433). This update was imported from the SUSE:SLE-15:Update update project.</description> <summary>Security update for gvfs</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor