nixos/nixpkgs.git - Nix Packages collection

diff options

author	worldofpeace <worldofpeace@protonmail.ch>	2019-06-18 19:45:23 -0400
committer	worldofpeace <worldofpeace@protonmail.ch>	2019-06-18 19:48:47 -0400
commit	02ea0d3959ba5a8f2108d3bc8f5a57635d758713 (patch)
tree	a071fa5c35fcb0fd0614867e41a63bd00d0fa0b6 /pkgs/development/python-modules/python-mapnik/python-mapnik_std_optional.patch
parent	6fa7263c1e4db953bc496d234acb8c7746586d94 (diff)

gvfs: fix CVE-2019-1244{7.8.9}

This is a version of #63481 for master. CVE-2019-12447: daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used. CVE-2019-12448: daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement query_info_on_read/write. CVE-2019-12449: daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges are unavailable. Upstream MR: https://gitlab.gnome.org/GNOME/gvfs/merge_requests/48

Diffstat (limited to 'pkgs/development/python-modules/python-mapnik/python-mapnik_std_optional.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: