subject:"Bug#903828\: accountsservice\: CVE\-2018\-14036\: insufficient path check in user_change_icon_file_authorized_cb\(\) in user.c"

Bug#903828: accountsservice: CVE-2018-14036: insufficient path check in user_change_icon_file_authorized_cb() in user.c

2019-01-04 Thread Moritz Mühlenhoff

On Sun, Jul 15, 2018 at 02:55:15PM +0200, Salvatore Bonaccorso wrote: > Source: accountsservice > Version: 0.6.43-1 > Severity: important > Tags: patch security upstream > Forwarded: https://bugs.freedesktop.org/show_bug.cgi?id=107085 > Control: found -1 0.6.45-1 > > Hi, > > The following

Bug#903828: accountsservice: CVE-2018-14036: insufficient path check in user_change_icon_file_authorized_cb() in user.c

2018-07-15 Thread Salvatore Bonaccorso

Source: accountsservice Version: 0.6.43-1 Severity: important Tags: patch security upstream Forwarded: https://bugs.freedesktop.org/show_bug.cgi?id=107085 Control: found -1 0.6.45-1 Hi, The following vulnerability was published for accountsservice. CVE-2018-14036[0]: | Directory Traversal with