|
|
Subscribe / Log in / New account

Mageia alert MGASA-2019-0352 (glib2.0)



From:
              Mageia Updates <buildsystem-daemon@mageia.org> 


To:
              updates-announce@ml.mageia.org 


Subject:
              [updates-announce] MGASA-2019-0352: Updated glib2.0 packages fix security vulnerability 


Date:
              Sat, 30 Nov 2019 14:07:18 +0100


Message-ID:
              <20191130130718.20DBF9F6EB@duvel.mageia.org>


MGASA-2019-0352 - Updated glib2.0 packages fix security vulnerability

Publication date: 30 Nov 2019
URL: https://advisories.mageia.org/MGASA-2019-0352.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-12450

Description:
The updated packages fix a security vulnerability:

file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does
not properly restrict file permissions while a copy operation is in
progress. Instead, default permissions are used. (CVE-2019-12450)

References:
- https://bugs.mageia.org/show_bug.cgi?id=25276
- https://usn.ubuntu.com/4014-1/
- https://access.redhat.com/errata/RHSA-2019:3530
- https://lists.opensuse.org/opensuse-updates/2019-06/msg00...
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1...

SRPMS:
- 7/core/glib2.0-2.60.2-1.2.mga7
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds