Bug 421461 (CVE-2007-6389)
Summary: | CVE-2007-6389 gnome-screensaver clipboard content leak | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Lubomir Kundrak <lkundrak> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | rstrode |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://bugzilla.gnome.org/show_bug.cgi?id=503005 | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2008-05-07 20:11:11 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 426169, 426170, 426171 | ||
Bug Blocks: |
Description
Lubomir Kundrak
2007-12-12 14:00:23 UTC
CVE identifier was requested This was recently fixed upstream. ah, i'm not paying close enough attention. you've already mentioned the upstream report. Ray: Still thanks for noticing. I'd like to see this fixed by an update, but Mitre still didn't assign a CVE. By the way, does the user have possibility to disable the feature at all? It's a compile time thing, unfortunately. The only way to disable it is to rebuild without libnotify support or turn on dialog themes and load a themed dialog that lacks the button (I think our default one lacks the button actually, so you should be able to use it until an update goes out). What's the status of fixing this in stable releases? this fell off my radar, i'll look into this today after some 5.2 work. This only affects the version of Gnome in Fedora, as the current version in RHEL5 lacks the ability to leave a message for a user. This issue was addressed in: Fedora: https://admin.fedoraproject.org/updates/F7/FEDORA-2008-2818 https://admin.fedoraproject.org/updates/F8/FEDORA-2008-2872 |