Markus Koschany pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0011af4b by Markus Koschany at 2018-11-22T20:55:39Z
CVE-2018-19358,gnome-keyring: no-dsa for Jessie
- - - - -
54026d69 by Markus Koschany at 2018-11-22T20:56:27Z
Merge branch 'master' of
salsa.debian.org:security-tracker-team/security-tracker
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -244,8 +244,13 @@ CVE-2018-19359 [Unauthorized service template creation]
NOTE:
https://about.gitlab.com/2018/11/19/critical-security-release-gitlab-11-dot-4-dot-6-released/
CVE-2018-19358 (GNOME Keyring through 3.28.2 allows local users to retrieve
login ...)
- gnome-keyring <unfixed> (bug #914154)
+ [jessie] - gnome-keyring <no-dsa> (The current design works as expected)
NOTE:
https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1780365
NOTE: https://github.com/sungjungk/keyring_crack
+ NOTE: The default keyring is automatically unlocked upon successful
login.
+ NOTE: The current behavior to access passwords via DBus is expected but
+ NOTE: cannot be compromised by another user on the system. Users can
choose
+ NOTE: to use a separate keyring if they prefer to be prompted.
CVE-2018-19357
RESERVED
CVE-2018-19356
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/59eb9031fb92ee7b088e97efd550a75129e2c1cd...54026d69fbaa444d46d461c497fe203741dce118
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/59eb9031fb92ee7b088e97efd550a75129e2c1cd...54026d69fbaa444d46d461c497fe203741dce118
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
