CVE-2018-13054: privilege escalation in cinnamon-settings-users.py GUI

To: debian-cinnamon@lists.debian.org
Cc: 903201-done@bugs.debian.org
Subject: CVE-2018-13054: privilege escalation in cinnamon-settings-users.py GUI
From: Norbert Preining <norbert@preining.info>
Date: Sun, 1 Sep 2019 13:00:08 +0900
Message-id: <[🔎] 20190901040008.coxo57fmkbz6ks37@bulldog.preining.info>

fixed 903201 3.8.8-1
thanks

Hi all,

there is still 
#903201 cinnamon: CVE-2018-13054: privilege escalation in cinnamon-settings-users.py GUI
open, but it is already fixed in 3.8.8, so I am closing this bug now and
mark it as fixed in 3.8.8-1 in buster.

There is a fix to remove the root owned .face file that is not
incorporated, we could add that later on. For the time being I create a
buster branch that incorporates that fix. We will see if we upload it to
a point release.

Best

Norbert

--
PREINING Norbert                               http://www.preining.info
Accelia Inc. + IFMGA ProGuide + TU Wien + JAIST + TeX Live + Debian Dev
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Reply to:

Follow-Ups:
- Processed: CVE-2018-13054: privilege escalation in cinnamon-settings-users.py GUI
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: nemo-python_4.2.1-1_source.changes ACCEPTED into experimental
Next by Date: Processed: CVE-2018-13054: privilege escalation in cinnamon-settings-users.py GUI
Previous by thread: nemo-python_4.2.1-1_source.changes ACCEPTED into experimental
Next by thread: Processed: CVE-2018-13054: privilege escalation in cinnamon-settings-users.py GUI
Index(es):
- Date
- Thread