Labels Milestones

FISH: Security fix for CVE-2020-12755 (backport from KDE) #282

Merged

blu.256 merged 1 commits from fix/cve-2020-12755 into master 2 years ago

Conversation 1 Commits 1 Files Changed 1

blu.256 commented 2 years ago

Collaborator

A security fix for the FISH protocol backported from KDE.

"Only store password in KWallet if the user asked for it"
d813cef3ce

Author: David Faure
Licence: GPLv2

This mitigates CVE-2020-12755.

A security fix for the FISH protocol backported from KDE. "Only store password in KWallet if the user asked for it" https://invent.kde.org/network/kio-extras/-/commit/d813cef3cecdec9af1532a40d677a203ff979145 Author: David Faure Licence: GPLv2 This mitigates [CVE-2020-12755](https://www.cvedetails.com/cve/CVE-2020-12755/).

blu.256 added this to the R14.0.13 release milestone 2 years ago

blu.256 added the SL/normal label 2 years ago

blu.256 added 1 commit 2 years ago

d59c8ee79f

FISH: Security fix backport from KDE ...

"Only store password in KWallet if the user asked for it"
d813cef3ce

Author:  David Faure
Licence: GPLv2

This mitigates CVE-2020-12755.

Signed-off-by: Mavridis Philippe <mavridisf@gmail.com>

MicheleC approved these changes 2 years ago

MicheleC left a comment

Owner

I didn't test it but it looks good.

I didn't test it but it looks good.

blu.256 merged commit d59c8ee79f into master 2 years ago

blu.256 deleted branch fix/cve-2020-12755 2 years ago

blu.256 commented 2 years ago

Poster

Collaborator

Merged and backported.

Merged and backported.

blu.256 referenced this pull request from TDE/tde 2 years ago

R14.0.13 release notes #83

Reviewers

MicheleC approved these changes 2 years ago

The pull request has been merged as d59c8ee79f.

Sign in to join this conversation.

Reviewers

Request review

No reviewers

MicheleC

Labels

Apply labels

Clear labels

GE/need-info
General - need additional info from contributor PR/keep-branch
Pull request - do not delete branch after merging PR/not-ok
Pull request - need fixing PR/rfc
Pull request - request for comments PR/update-trans
Pull request - update to translation files needed PR/wip
Pull request - work in progress RS/R14.0.x
Related to R14.0.x series RS/R14.1.x
Related to R14.1.x series SL/critical
Severity level - critical SL/major
Severity level - major SL/minor
Severity level - minor SL/normal
Severity level - normal SL/regression
Severity level - regression from previous version SL/trivial
Severity level - trivial SL/wishlist
Severity level - wishlist request ST/duplicate
Status - duplicate of another issue ST/invalid
Status - invalid report ST/notourproblem
Status - not our problem ST/rejected
Status - rejected ST/wontfix
Status - won't fix ST/worksforme
Status - works for me, unable to reproduce

No Label GE/need-info PR/keep-branch PR/not-ok PR/rfc PR/update-trans PR/wip RS/R14.0.x RS/R14.1.x SL/critical SL/major SL/minor SL/normal SL/regression SL/trivial SL/wishlist ST/duplicate ST/invalid ST/notourproblem ST/rejected ST/wontfix ST/worksforme

Milestone

Set milestone

Clear milestone

No items

No Milestone

R14.0.13 release

Assignees

Assign users

Clear assignees

No Assignees

2 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: TDE/tdebase#282

Write Preview

Loading…

Cancel

Save

There is no content yet.