Bug 1726505 (CVE-2019-12795)
Summary: | CVE-2019-12795 gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Dhananjay Arunesh <darunesh> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | oholy |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | gvfs 1.38.3, gvfs 1.40.2, gvfs 1.41.3 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-11-06 00:52:55 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1726507, 1729884, 1729885, 1729886 | ||
Bug Blocks: | 1726506 |
Description
Dhananjay Arunesh
2019-07-03 04:54:46 UTC
Created gvfs tracking bugs for this issue: Affects: fedora-all [bug 1726507] Statement: This issue affects the versions of gvfs as shipped with Red Hat Enterprise Linux 6, 7, and 8. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Low, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/. This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:3553 https://access.redhat.com/errata/RHSA-2019:3553 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-12795 |