Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 5 Oct 2015 21:10:41 -0700
From: Seth Arnold <>
Subject: CVE Request: gvfsd-dav

Hello MITRE, all,

Paulo Matias and Gustavo Nunes Pereira reported an issue with gvfsd-dav to
the Ubuntu bugtracker:

This appears to be an independant rediscovery of an issue already known to
the GNOME project:
which was reported by Gabor Kelemen.

The gvfsd-dav code appears to unescape some pathnames from a file
server that do not need to be unescaped and crashes when the input is
malformed. The upstream fix is (for master, gnome-3-14, gnome-3-12):

Please assign a CVE.


Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.