[3.7] glib: file permission vulnerability (CVE-2019-12450)
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1
does not properly restrict file
permissions while a copy operation is in progress. Instead, default
permissions are used.
References:
https://nvd.nist.gov/vuln/detail/CVE-2019-12450
Patch:
https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174
(from redmine: issue id 10578, created on 2019-06-14, closed on 2019-06-20)
- Relations:
- parent #10574 (closed)
- Changesets:
- Revision 6d61c009 by Natanael Copa on 2019-06-17T09:42:04Z:
main/glib: security fix for CVE-2019-12450
fixes #10578