Bug#921995: kauth: Insecure handling of arguments in helpers

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#921995: kauth: Insecure handling of arguments in helpers
From: Scott Kitterman <debian@kitterman.com>
Date: Sun, 10 Feb 2019 23:16:29 -0500
Message-id: <[🔎] 20190211041629.27007.87798.reportbug@kitterma-E6430>
Reply-to: Scott Kitterman <debian@kitterman.com>, 921995@bugs.debian.org

Package: src:kauth
Version: 5.28.0-2
Severity: grave
Tags: security upstream patch
Justification: user security hole

See the KDE announce list [1].  It includes reference to a fix [2].  This is
CVE-2019-7443.

Scott K


[1] https://mail.kde.org/pipermail/kde-announce/2019-February/000011.html
[2] https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135cd3f4a

Reply to:

Follow-Ups:
- Processed: Bug #921995 in kauth marked as pending
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>
- Bug#921995: marked as done (kauth: Insecure handling of arguments in helpers)
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Bug#921987: fixed
Next by Date: Bug#922000: src:kauth: Symbols file out of date
Previous by thread: Bug#921987: Comments related to BUG 921987
Next by thread: Processed: Bug #921995 in kauth marked as pending
Index(es):
- Date
- Thread