Bug#929753: glib2.0: CVE-2019-12450

Salvatore Bonaccorso carnil at debian.org
Thu May 30 14:32:14 BST 2019

Package: glib2.0
Source: glib2.0
Version: 2.58.3-1
Severity: important
Tags: security upstream
Control: found -1 2.50.3-2


The following vulnerability was published for glib2.0.

| file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1
| does not properly restrict file permissions while a copy operation is
| in progress. Instead, default permissions are used.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-12450
[1] https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174


More information about the pkg-gnome-maintainers mailing list