CVE-2020-16121

Priority
Description
The InstallFiles, GetFilesLocal and GetDetailsLocal methods of the DBus
interface to PackageKit accesses given files before checking for
authorization. This allows non-privileged users to learn the MIME type of
any file on the system.
Assigned-to
mdeslaur
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (0.8.17-4ubuntu6~gcc5.4ubuntu1.5)
Ubuntu 18.04 LTS (Bionic Beaver):released (1.1.9-1ubuntu2.18.04.6)
Ubuntu 20.04 LTS (Focal Fossa):released (1.1.13-2ubuntu1.1)
Ubuntu 20.10 (Groovy Gorilla):released (1.1.13-2ubuntu2)
More Information

Updated: 2020-09-25 14:27:59 UTC (commit e775549e62f5d80d4ff1c6236719bd55379159c5)