oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE request: almanah does not encrypt its database

From: Vincent Danen <vdanen () redhat com>
Date: Tue, 12 Mar 2013 15:48:12 -0600
Could a CVE be assigned to the following?


It was reported that Almanah does not encrypt its database when it
closes, due to GApplication no longer using the quit_main_loop() event
since GIO 2.32.  This will keep the database unencrypted when it should
be encrypted.  The upstream bug report has a patch attached which
corrects the issue.

References:

https://bugzilla.gnome.org/show_bug.cgi?id=695117
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702905
https://bugzilla.redhat.com/show_bug.cgi?id=920848


Thanks!

--
Vincent Danen / Red Hat Security Response Team
Previous By Date Next
Previous By Thread Next

Current thread: