Shotwell could be made to expose sensitive information over the
network.
Software Description:
- shotwell: digital photo organizer
Details:
It was discovered that Shotwell is vulnerable to an information
disclosure in the web publishing plugins resulting in potential
password and oauth token plaintext transmission.
The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: shotwell 0.22.0+git20160108.r1.f2fb1f7-0ubuntu3.1 shotwell-common 0.22.0+git20160108.r1.f2fb1f7-0ubuntu3.1 Ubuntu 16.04 LTS: shotwell 0.22.0+git20160108.r1.f2fb1f7-0ubuntu1.1 shotwell-common 0.22.0+git20160108.r1.f2fb1f7-0ubuntu1.1 Ubuntu 14.04 LTS: shotwell 0.18.0-0ubuntu4.5 shotwell-common 0.18.0-0ubuntu4.5 In general, a standard system update will make all the necessary changes.
CVE-2017-1000024
Get the latest Linux and open source security news straight to your inbox.