oss-sec mailing list archives
Re: CVE request: almanah does not encrypt its database
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 13 Mar 2013 01:45:18 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/12/2013 03:48 PM, Vincent Danen wrote:
Could a CVE be assigned to the following? It was reported that Almanah does not encrypt its database when it closes, due to GApplication no longer using the quit_main_loop() event since GIO 2.32. This will keep the database unencrypted when it should be encrypted. The upstream bug report has a patch attached which corrects the issue. References: https://bugzilla.gnome.org/show_bug.cgi?id=695117 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702905 https://bugzilla.redhat.com/show_bug.cgi?id=920848 Thanks!
Please use CVE-2013-1853 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRQC6OAAoJEBYNRVNeJnmT0aYQALRuVmbRm8e2BKk8RTNLQndp T87ZYXRALdvQ18BJDjFfnf8JVMAszEPQujUTNnoStYNbIhHdPM23JRKMeHnU/0OZ 8d2maOEW68SRRmsIhlvqDv3nLrkJcvuRXkojlF0frv03HHBsqyxqcYQ3WrWPDMLN OXArymEP52+x6RJGEFAhmktelvGqmWBdczfbtwS9uIgbzUFFVPGFZxxRp3lI1DdK 8OhzXSR0R+idFNMmqhOTGegiHGfTl+xXOhJs28Pm/IYAvBihx0r5V7buu0zBerUv Rd8ry895OmnSUEhVbEh4dFuwj4jR9HDWUFTQ+L87+iqkox3vrq5Nd6/dVTSEyO0J CgBG8x1Q9fVUCfqYUYzx7mKRKz5+tQAbuam3mEzManJ1h59xEmYeYoN9cJgz2Ri7 SjFCyMKF9jgbT9pvdvqHeg3L9mg2Ay6B5UwBRmsG0U/bAJSiN6NMLdDUakTtlQMF 681JFkiec2MwXGCd0HyEm7GsoPmH6GMHpSlLAx7y/aj8jc3gCUjRFReMCzbXoZVv fPNOdf/nc9d6TbpKUfO4PztfQ77Z8r69yfARsVlO0KzX7m21CFpLzZS7lEzP8vAh 6cykJyr1ZJFCbwdbGga5gyyv87et7YFbCPNPPOdwXFmhSG9/iXvKSHuvc3uWwpD4 XXggh+4MYIHwAJj0BNSb =klwP -----END PGP SIGNATURE-----
Current thread:
- CVE request: almanah does not encrypt its database Vincent Danen (Mar 12)
- Re: CVE request: almanah does not encrypt its database Kurt Seifried (Mar 13)