[Bug 1772919] Re: pam-gnome-keyring.so reveals user’s password credential as a plaintext form
This bug was fixed in the package gnome-keyring - 3.18.3-0ubuntu2.1 --- gnome-keyring (3.18.3-0ubuntu2.1) xenial-security; urgency=medium * SECURITY UPDATE: credentials exposed in memory (LP: #1772919) - debian/patches/CVE-2018-20781.patch: destroy the password in pam_sm_open_session in pam/gkr-pam-module.c. - CVE-2018-20781 -- Marc Deslauriers Thu, 14 Feb 2019 08:26:56 -0500 ** Changed in: gnome-keyring (Ubuntu Xenial) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-keyring in Ubuntu. https://bugs.launchpad.net/bugs/1772919 Title: pam-gnome-keyring.so reveals user’s password credential as a plaintext form To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1772919] Re: pam-gnome-keyring.so reveals user’s password credential as a plaintext form
This bug was fixed in the package gnome-keyring - 3.10.1-1ubuntu4.4 --- gnome-keyring (3.10.1-1ubuntu4.4) trusty-security; urgency=medium * SECURITY UPDATE: credentials exposed in memory (LP: #1772919) - debian/patches/CVE-2018-20781.patch: destroy the password in pam_sm_open_session in pam/gkr-pam-module.c. - CVE-2018-20781 -- Marc Deslauriers Thu, 14 Feb 2019 08:32:24 -0500 ** Changed in: gnome-keyring (Ubuntu Trusty) Status: Confirmed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-20781 -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-keyring in Ubuntu. https://bugs.launchpad.net/bugs/1772919 Title: pam-gnome-keyring.so reveals user’s password credential as a plaintext form To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1772919] Re: pam-gnome-keyring.so reveals user’s password credential as a plaintext form
** Also affects: gnome-keyring (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: gnome-keyring (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: gnome-keyring (Ubuntu) Status: New => Fix Released ** Changed in: gnome-keyring (Ubuntu Trusty) Status: New => Confirmed ** Changed in: gnome-keyring (Ubuntu Xenial) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-keyring in Ubuntu. https://bugs.launchpad.net/bugs/1772919 Title: pam-gnome-keyring.so reveals user’s password credential as a plaintext form To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1772919] Re: pam-gnome-keyring.so reveals user’s password credential as a plaintext form
Please check the attached patch applied on gnome-keyring 3.28. (see https://bug781486.bugzilla-attachments.gnome.org/attachment.cgi?id=350049) -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-keyring in Ubuntu. https://bugs.launchpad.net/bugs/1772919 Title: pam-gnome-keyring.so reveals user’s password credential as a plaintext form To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1772919] Re: pam-gnome-keyring.so reveals user’s password credential as a plaintext form
Setting to new because they submitted it upstream. -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-keyring in Ubuntu. https://bugs.launchpad.net/bugs/1772919 Title: pam-gnome-keyring.so reveals user’s password credential as a plaintext form To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1772919] Re: pam-gnome-keyring.so reveals user’s password credential as a plaintext form
Setting to new because he submitted it upstream. ** Changed in: gnome-keyring (Ubuntu) Status: Incomplete => New -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-keyring in Ubuntu. https://bugs.launchpad.net/bugs/1772919 Title: pam-gnome-keyring.so reveals user’s password credential as a plaintext form To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1772919] Re: pam-gnome-keyring.so reveals user’s password credential as a plaintext form
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-keyring in Ubuntu. https://bugs.launchpad.net/bugs/1772919 Title: pam-gnome-keyring.so reveals user’s password credential as a plaintext form To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs