Bug#616673: rhythmbox-plugins: Plugin "context" contains hardcoded path to /tmp/context/
Josselin Mouette
joss at debian.org
Fri Jun 22 19:16:22 UTC 2012
tag 616673 security
severity 616673 grave
thanks
Le dimanche 06 mars 2011 à 14:58 +0100, Hans Spaans a écrit :
> The following files contain a hardcoded path to "/tmp/context/".
>
> /usr/lib/rhythmbox/plugins/context/AlbumTab.py
> /usr/lib/rhythmbox/plugins/context/ArtistTab.py
> /usr/lib/rhythmbox/plugins/context/LinksTab.py
> /usr/lib/rhythmbox/plugins/context/LyricsTab.py
Sorry for not replying earlier.
This terrible newbie mistake is probably a local privilege escalation
vulnerability.
Squeeze is affected.
--
.''`. Josselin Mouette
: :' :
`. `'
`-
More information about the pkg-gnome-maintainers
mailing list