1
Candidate: CVE-2018-12559
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12559
5
http://www.openwall.com/lists/oss-security/2018/06/18/1
6
https://github.com/CDrummond/cantata/commit/afc4f8315d3e96574925fb530a7004cc9e6ce3d3
8
An issue was discovered in the cantata-mounter D-Bus service in Cantata
9
through 2.3.1. The mount target path check in mounter.cpp `mpOk()` is
10
insufficient. A regular user can consequently mount a CIFS filesystem
11
anywhere (e.g., outside of the /home directory tree) by passing directory
12
traversal sequences such as a home/../usr substring.
16
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901798
23
upstream_cantata: released (2.3.0.ds1-2)
24
precise/esm_cantata: DNE
25
trusty_cantata: needs-triage
26
xenial_cantata: needs-triage
27
artful_cantata: needs-triage
28
bionic_cantata: needs-triage
29
devel_cantata: not-affected (2.3.0.ds1-2)