Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 29 Apr 2014 08:42:33 -0400
From: Marc Deslauriers <marc.deslauriers@...onical.com>
To: oss-security@...ts.openwall.com
Subject: CVE Request: indicator-datetime issue

Hello,

It was discovered that indicator-datetime 13.10.0+13.10.x would incorrectly
allow Evolution to be opened while at the greeter screen. A local attacker could
possibly use this issue to obtain unconfined local access.

Bug reports:
https://bugs.launchpad.net/ubuntu/+source/indicator-datetime/+bug/1246812

Fix:
http://bazaar.launchpad.net/~indicator-applet-developers/indicator-datetime/trunk.13.10/revision/282

Could a CVE please be assigned to this issue?

Thanks,

Marc.

-- 
Marc Deslauriers
Ubuntu Security Engineer     | http://www.ubuntu.com/
Canonical Ltd.               | http://www.canonical.com/

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ