nixpkgs

History

worldofpeace 02ea0d3959 gvfs: fix CVE-2019-1244{7.8.9} This is a version of #63481 for master. CVE-2019-12447: daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used. CVE-2019-12448: daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement query_info_on_read/write. CVE-2019-12449: daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable. Upstream MR: https://gitlab.gnome.org/GNOME/gvfs/merge_requests/48	2019-06-18 19:48:47 -04:00
..
default.nix	gvfs: fix CVE-2019-1244{7.8.9}	2019-06-18 19:48:47 -04:00

worldofpeace 02ea0d3959 gvfs: fix CVE-2019-1244{7.8.9}

This is a version of #63481 for master.

CVE-2019-12447:
daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is
not used.

CVE-2019-12448:
daemon/gvfsbackendadmin.c has race conditions because the admin backend
doesn't implement query_info_on_read/write.

CVE-2019-12449:
daemon/gvfsbackendadmin.c mishandles a file's user and group ownership
during move (and copy with G_FILE_COPY_ALL_METADATA) operations
from admin:// to file:// URIs, because root privileges are unavailable.

Upstream MR: https://gitlab.gnome.org/GNOME/gvfs/merge_requests/48

2019-06-18 19:48:47 -04:00

default.nix

gvfs: fix CVE-2019-1244{7.8.9}

2019-06-18 19:48:47 -04:00