From:
[email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-4200-1
[email protected] https://www.debian.org/security/ Moritz Muehlenhoff
May 14, 2018
https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : kwallet-pam
CVE ID : CVE-2018-10380
Fabian Vogt discovered that incorrect permission handling in the PAM
module of the KDE Wallet could allow an unprivileged local user to gain ownership of arbitrary files.
For the stable distribution (stretch), this problem has been fixed in
version 5.8.4-1+deb9u2.
We recommend that you upgrade your kwallet-pam packages.
For the detailed security status of kwallet-pam please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/kwallet-pam
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at:
https://www.debian.org/security/
Mailing list:
[email protected]
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlr55XkACgkQEMKTtsN8 TjYueg/+IYNbIJ2dpV2ZezwiLLpP+oCRx7ETNcUskgntnrT69WELvUhhqgoKzbAU NEWJr8lqrZYWPw8oQ1JsOEP0ENI4W1wOL4nP3HEYlS+Er+5wlFXSm32A2qqeukKi QsBR3/QZ8O07iPJYSdlcvomOyONmgW30x/vRn/0RenAV4+pi0slSHp1Lvw3twZST KRZy20X6fMI3cf1nNA+z9H50RPV0lXOZfnszXRZ0rnpK8vdCrInKzMjEm/FXQORQ dsUIny2sntG6jJvsQkA222nCGxNlJEVxNxOiPW0Vc5LFSmtUV6HpE6MmEeZ89JlA T314bppsAQqZc3Bu+MMKR3leslbJtHU35XLQeCnG0EzaLzg1d3m5z9XDqmxuLpJw 4V0UXcEo4L+ReL16QZdjHbh1SEBD5yssGA2j73tN+RYn1lo6wrrfZejnQcULSFVz MR0+B3w69Z/E/yzmejRfV2+gqF7xDNjjrqVmrHvymtQe/MwC2gI8zF4BxYCMnWUa kAXUZC/WguKB1FbUwvAv6QXOJ2DgWc/82xJ/D7gevlxWZoWLqjdx8zGeneclsRhb 7ccBgZRsxrQfA5+uQ1nPchKkmZKXu9d3i/BFZfxd12/4mmz8lHiA8dLM4vh4tt2B dkuGU/8HyZCFcj94+YQtEM35+brfIec8rH2z61UigMZdp5d+P5I=
=Z+7M
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)