CESA-2019:2145 -- centos 7 gvfsID: oval:org.secpod.oval:def:205258 | Date: (C)2019-09-17 (M)2021-09-11 |
Class: PATCH | Family: unix |
GVFS is the GNOME Desktop Virtual File System layer that allows users to easily access local and remote data using File Transfer Protocol , Secure Shell File Transfer Protocol , Web Distributed Authoring and Versioning , Common Internet File System , Server Message Block , and other protocols. GVFS integrates with the GNOME I/O abstraction layer. Security Fix: * gvfs: Incorrect authorization in admin backend allows privileged users to read and modify arbitrary files without prompting for password For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.