What Are You Looking For?

Sign Up

Package        : cinnamon
Version        : 2.2.16-5+deb8u1
CVE ID         : CVE-2018-13054
Debian Bug     : #903201

It was discovered that there was a symlink attack in the Cinnamon
desktop environment.

An attacker could overwrite an arbitrary file on the filesystem via
a $HOME/.face icon file (as the cinnamon-settings-users.py GUI runs
as root).

For Debian 8 "Jessie", this issue has been fixed in cinnamon version
2.2.16-5+deb8u1.

We recommend that you upgrade your cinnamon packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

Debian LTS: DLA-1420-1: cinnamon security update

July 13, 2018
It was discovered that there was a symlink attack in the Cinnamon desktop environment

Summary

For Debian 8 "Jessie", this issue has been fixed in cinnamon version
2.2.16-5+deb8u1.

We recommend that you upgrade your cinnamon packages.


Regards,

- --
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-



Severity
Package : cinnamon
Version : 2.2.16-5+deb8u1
CVE ID : CVE-2018-13054
Debian Bug : #903201

Related News

New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs

Nov 15, 2023

Windows, Linux Systems Targeted in Pro-Hamas BiBi Wiper Malware Attack

Nov 15, 2023

eBPF Offers a New Way to Secure Cloud Native Systems

Oct 25, 2023

New BiBi-Linux Wiper Malware Targets Israeli Orgs in Destructive Attacks

Nov 2, 2023

News

Advisories

HOWTOs

Features

A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap
CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug
Cyber Law in the Realm of Open-Source Software Security

About Us

Powered By

Footer Logo