gvfs 1.40.1-1ubuntu0.1 source package in Ubuntu

Changelog

gvfs (1.40.1-1ubuntu0.1) disco-security; urgency=medium

  * SECURITY UPDATE: file ownership mishandling
    - debian/patches/CVE-2019-12447-1.patch: allow changing file owner in
      daemon/gvfsbackendadmin.c.
    - debian/patches/CVE-2019-12447-2.patch: use fsuid to ensure correct
      file ownership in daemon/gvfsbackendadmin.c.
    - CVE-2019-12447
  * SECURITY UPDATE: race conditions in admin backend
    - debian/patches/CVE-2019-12448.patch: add query_info_on_read/write
      functionality in daemon/gvfsbackendadmin.c.
    - CVE-2019-12448
  * SECURITY UPDATE: user and group ownership mishandling during move
    - debian/patches/CVE-2019-12449.patch: ensure correct ownership when
      moving to file:// uri in daemon/gvfsbackendadmin.c.
    - CVE-2019-12449
  * SECURITY UPDATE: incorrect D-Bus server socket restrictions
    - debian/patches/CVE-2019-12795-1.patch: check that the connecting
      client is the same user in daemon/gvfsdaemon.c.
    - debian/patches/CVE-2019-12795-2.patch: only accept EXTERNAL
      authentication in daemon/gvfsdaemon.c.
    - CVE-2019-12795

 -- Marc Deslauriers <email address hidden>  Fri, 05 Jul 2019 08:31:52 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Disco
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
gnome
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
gvfs_1.40.1.orig.tar.xz 1.1 MiB 927af496efee4767f1ba12694190f9c93bc512a44854e88dbb6f5792abfad6b1
gvfs_1.40.1-1ubuntu0.1.debian.tar.xz 26.3 KiB 3470bf132c000546cf09890760c0164970ba38b4cc874676ad71537719a19c6c
gvfs_1.40.1-1ubuntu0.1.dsc 3.4 KiB 053464da4470d6989f128a0fb848bf488911df6101fe1c380db3e09ae9396054

View changes file

Binary packages built by this source

gvfs: No summary available for gvfs in ubuntu disco.

No description available for gvfs in ubuntu disco.

gvfs-backends: No summary available for gvfs-backends in ubuntu disco.

No description available for gvfs-backends in ubuntu disco.

gvfs-backends-dbgsym: No summary available for gvfs-backends-dbgsym in ubuntu disco.

No description available for gvfs-backends-dbgsym in ubuntu disco.

gvfs-bin: No summary available for gvfs-bin in ubuntu disco.

No description available for gvfs-bin in ubuntu disco.

gvfs-common: No summary available for gvfs-common in ubuntu disco.

No description available for gvfs-common in ubuntu disco.

gvfs-daemons: No summary available for gvfs-daemons in ubuntu disco.

No description available for gvfs-daemons in ubuntu disco.

gvfs-daemons-dbgsym: No summary available for gvfs-daemons-dbgsym in ubuntu disco.

No description available for gvfs-daemons-dbgsym in ubuntu disco.

gvfs-dbgsym: No summary available for gvfs-dbgsym in ubuntu disco.

No description available for gvfs-dbgsym in ubuntu disco.

gvfs-fuse: No summary available for gvfs-fuse in ubuntu disco.

No description available for gvfs-fuse in ubuntu disco.

gvfs-fuse-dbgsym: No summary available for gvfs-fuse-dbgsym in ubuntu disco.

No description available for gvfs-fuse-dbgsym in ubuntu disco.

gvfs-libs: No summary available for gvfs-libs in ubuntu disco.

No description available for gvfs-libs in ubuntu disco.

gvfs-libs-dbgsym: No summary available for gvfs-libs-dbgsym in ubuntu disco.

No description available for gvfs-libs-dbgsym in ubuntu disco.