Bug#929753: glib2.0: CVE-2019-12450
Salvatore Bonaccorso
carnil at debian.org
Thu May 30 14:32:14 BST 2019
Package: glib2.0
Source: glib2.0
Version: 2.58.3-1
Severity: important
Tags: security upstream
Control: found -1 2.50.3-2
Hi,
The following vulnerability was published for glib2.0.
CVE-2019-12450[0]:
| file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1
| does not properly restrict file permissions while a copy operation is
| in progress. Instead, default permissions are used.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2019-12450
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12450
[1] https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174
Regards,
Salvatore
More information about the pkg-gnome-maintainers
mailing list