projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e49aa31) | patch
package/gvfs: fix CVE-2019-12447
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Sun, 29 Mar 2020 16:02:44 +0000 (18:02 +0200)
committerYann E. MORIN <yann.morin.1998@free.fr>
Sun, 29 Mar 2020 16:34:43 +0000 (18:34 +0200)
commit062d0f6913ed6e787123b32d0d8ffe9703efe3ce
tree80ea3c9b6f7b8ad7781503a1a305b5df5e9978a8tree
parente49aa31f5ccd19078765e170dbfd01ff6e7fcb14commit | diff
package/gvfs: fix CVE-2019-12447

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2.
daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is
not used.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
package/gvfs/0003-admin-Allow-changing-file-owner.patch [new file with mode: 0644] blob
package/gvfs/0004-admin-Use-fsuid-to-ensure-correct-file-ownership.patch [new file with mode: 0644] blob
package/gvfs/gvfs.mk diff | blob | history