FEDORA-2018-9296823b6c

security update in Fedora 27 for cantata

Status: stable a year ago

Latest upstream release, omits some mounting code found to be insecure and not well tested.

How to install

sudo dnf upgrade --advisory=FEDORA-2018-9296823b6c

Comments 6

This update has been submitted for testing by rdieter.

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by rdieter.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
0
stable threshold: 2
unstable threshold: -4
Autopush (karma)
Disabled
Autopush (time)
Disabled
Dates
submitted a year ago
in testing a year ago
in stable a year ago

Related Bugs 6

00 #1586302 cantata-2.3.1 is available
00 #1595566 CVE-2018-12559 cantata: Directory traversal due to insufficient mount target check in mounter.cpp
00 #1595567 CVE-2018-12560 cantata: Directory traversal in the D-Bus service of cantata-mounter
00 #1595569 CVE-2018-12561 cantata: Possible injection of additional mount options by manipulating the domain parameters of the samba URL
00 #1595570 CVE-2018-12562 cantata: Insufficient input validation in the 'mount.cifs.wrapper' script
00 #1595571 CVE-2018-12559 CVE-2018-12560 CVE-2018-12561 CVE-2018-12562 cantata: various flaws [fedora-all]

Automated Test Results