GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Sun Dec 30, 2018 9:26 pm Post subject: [ GLSA 201812-10 ] GKSu |
|
|
Gentoo Linux Security Advisory
Title: GKSu: Arbitrary command execution (GLSA 201812-10)
Severity: normal
Exploitable: remote
Date: 2018-12-30
Bug(s): #534540
ID: 201812-10
Synopsis
A vulnerability in GKSu might allow attackers to execute arbitrary
commands.
Background
A library that provides a Gtk+ frontend to su and sudo.
Affected Packages
Package: x11-libs/gksu
Vulnerable: <= 2.0.2
Architectures: All supported architectures
Description
A vulnerability was discovered in GKSu’s gksu-run-helper.
Impact
An attacker could execute arbitrary commands.
Workaround
There is no known workaround at this time.
Resolution
Gentoo has discontinued support for GKSu and recommends that users
unmerge the package:
Code: | # emerge --unmerge "x11-libs/gksu"
|
References
CVE-2014-2886 |
|