1
PublicDateAtUSN: 2011-11-25
2
Candidate: CVE-2011-4349
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4349
6
http://www.openwall.com/lists/oss-security/2011/11/25/1
7
https://usn.ubuntu.com/usn/usn-1289-1
9
Multiple SQL injection vulnerabilities in (1) cd-mapping-db.c and (2)
10
cd-device-db.c in colord before 0.1.15 allow local users to execute
11
arbitrary SQL commands via vectors related to color devices and (a) device
12
id, (b) property, or (c) profile id.
15
tyhicks> colord runs as colord but unpriv'ed users can create devices
17
https://bugs.freedesktop.org/show_bug.cgi?id=42904
18
https://bugzilla.novell.com/show_bug.cgi?id=698250
19
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650021
25
upstream: http://gitorious.org/colord/master/commit/1fadd90afcb4bbc47513466ee9bb1e4a8632ac3b
26
upstream: http://gitorious.org/colord/master/commit/36549e0ed255e7dfa7852d08a75dd5f00cbd270e
27
upstream_colord: released (0.1.15)
32
oneiric_colord: released (0.1.12-1ubuntu2.1)
33
devel_colord: released (0.1.12-1ubuntu3)