This bug was fixed in the package content-hub -
0.0+15.04.20150331-0ubuntu1.0
---------------
content-hub (0.0+15.04.20150331-0ubuntu1.0) vivid-security; urgency=medium
* SECURITY UPDATE: file disclosure via unchecked AppArmor profile
(LP: #1456628)
- debian/patches/lp1456628.patch: Don't allow exporting of files that
aren't allowed by the source apparmor profile
- CVE-2015-1327
-- Ken VanDine <[email protected]> Mon, 01 Jun 2015 11:17:27
-0400
** Changed in: content-hub (Ubuntu Vivid)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1456628
Title:
DBUS API doesn't prevent confined apps from passing paths to files
without access
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/content-hub/+bug/1456628/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
