From Mageia wiki
Revision as of 23:52, 9 July 2012 by Tmb (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

MGASA-2012-0153

Date: July 10th, 2012
Affected releases: 2


Description:
Updated accountsservice packages fix security vulnerability:

Florian Weimer discovered that AccountsService incorrectly handled
privileges when copying certain files to the system cache directory.
A local attacker could exploit this issue to read arbitrary files,
bypassing intended permissions (CVE-2012-2737).


Updated Packages:
accountsservice-0.6.14-2.1.mga2
lib(64)accountsservice0-0.6.14-2.1.mga2
lib(64)accountsservice-devel-0.6.14-2.1.mga2


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2737
http://www.ubuntu.com/usn/usn-1485-1/
https://bugs.mageia.org/show_bug.cgi?id=6626