Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 5 Oct 2015 21:10:41 -0700
From: Seth Arnold <>
Subject: CVE Request: gvfsd-dav

Hello MITRE, all,

Paulo Matias and Gustavo Nunes Pereira reported an issue with gvfsd-dav to
the Ubuntu bugtracker:

This appears to be an independant rediscovery of an issue already known to
the GNOME project:
which was reported by Gabor Kelemen.

The gvfsd-dav code appears to unescape some pathnames from a file
server that do not need to be unescaped and crashes when the input is
malformed. The upstream fix is (for master, gnome-3-14, gnome-3-12):

Please assign a CVE.


Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ