gvfs 1.40.1-1ubuntu1 source package in Ubuntu

Changelog

gvfs (1.40.1-1ubuntu1) eoan; urgency=medium

  * SECURITY UPDATE: file ownership mishandling
    - debian/patches/CVE-2019-12447-1.patch: allow changing file owner in
      daemon/gvfsbackendadmin.c.
    - debian/patches/CVE-2019-12447-2.patch: use fsuid to ensure correct
      file ownership in daemon/gvfsbackendadmin.c.
    - CVE-2019-12447
  * SECURITY UPDATE: race conditions in admin backend
    - debian/patches/CVE-2019-12448.patch: add query_info_on_read/write
      functionality in daemon/gvfsbackendadmin.c.
    - CVE-2019-12448
  * SECURITY UPDATE: user and group ownership mishandling during move
    - debian/patches/CVE-2019-12449.patch: ensure correct ownership when
      moving to file:// uri in daemon/gvfsbackendadmin.c.
    - CVE-2019-12449
  * SECURITY UPDATE: incorrect D-Bus server socket restrictions
    - debian/patches/CVE-2019-12795-1.patch: check that the connecting
      client is the same user in daemon/gvfsdaemon.c.
    - debian/patches/CVE-2019-12795-2.patch: only accept EXTERNAL
      authentication in daemon/gvfsdaemon.c.
    - CVE-2019-12795

 -- Marc Deslauriers <email address hidden>  Fri, 05 Jul 2019 08:31:52 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Eoan
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
gvfs_1.40.1.orig.tar.xz 1.1 MiB 927af496efee4767f1ba12694190f9c93bc512a44854e88dbb6f5792abfad6b1
gvfs_1.40.1-1ubuntu1.debian.tar.xz 26.3 KiB a3c81179df2473d54c074e74ff535d14723303474bef82c3e9cdacaf0256df19
gvfs_1.40.1-1ubuntu1.dsc 3.4 KiB f6546a28938c7b016bf959bc5f1b54726b6854b1b9f1902623c730038644989d

View changes file

Binary packages built by this source

gvfs: No summary available for gvfs in ubuntu eoan.

No description available for gvfs in ubuntu eoan.

gvfs-backends: No summary available for gvfs-backends in ubuntu eoan.

No description available for gvfs-backends in ubuntu eoan.

gvfs-backends-dbgsym: No summary available for gvfs-backends-dbgsym in ubuntu eoan.

No description available for gvfs-backends-dbgsym in ubuntu eoan.

gvfs-bin: No summary available for gvfs-bin in ubuntu eoan.

No description available for gvfs-bin in ubuntu eoan.

gvfs-common: No summary available for gvfs-common in ubuntu eoan.

No description available for gvfs-common in ubuntu eoan.

gvfs-daemons: No summary available for gvfs-daemons in ubuntu eoan.

No description available for gvfs-daemons in ubuntu eoan.

gvfs-daemons-dbgsym: No summary available for gvfs-daemons-dbgsym in ubuntu eoan.

No description available for gvfs-daemons-dbgsym in ubuntu eoan.

gvfs-dbgsym: No summary available for gvfs-dbgsym in ubuntu eoan.

No description available for gvfs-dbgsym in ubuntu eoan.

gvfs-fuse: No summary available for gvfs-fuse in ubuntu eoan.

No description available for gvfs-fuse in ubuntu eoan.

gvfs-fuse-dbgsym: No summary available for gvfs-fuse-dbgsym in ubuntu eoan.

No description available for gvfs-fuse-dbgsym in ubuntu eoan.

gvfs-libs: No summary available for gvfs-libs in ubuntu eoan.

No description available for gvfs-libs in ubuntu eoan.

gvfs-libs-dbgsym: No summary available for gvfs-libs-dbgsym in ubuntu eoan.

No description available for gvfs-libs-dbgsym in ubuntu eoan.