Date: Tue, 12 Mar 2013 15:48:12 -0600 From: Vincent Danen <vdanen@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE request: almanah does not encrypt its database Could a CVE be assigned to the following? It was reported that Almanah does not encrypt its database when it closes, due to GApplication no longer using the quit_main_loop() event since GIO 2.32. This will keep the database unencrypted when it should be encrypted. The upstream bug report has a patch attached which corrects the issue. References: https://bugzilla.gnome.org/show_bug.cgi?id=695117 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702905 https://bugzilla.redhat.com/show_bug.cgi?id=920848 Thanks! -- Vincent Danen / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ