30 May
2017
30 May
'17
12:40
http://bugzilla.opensuse.org/show_bug.cgi?id=1041511
http://bugzilla.opensuse.org/show_bug.cgi?id=1041511#c2
--- Comment #2 from Wolfgang Bauer
Due to CVE-2017-8422 and CVE-2017-8849 it was decided to remove smb4k from Factory. Operating with root privileges (such as smb4k helper is doing) in user owned directories can never be secure. Thats why it wont be approved.
Well, it has been suggested in bug#1033300 that we can add the available fixes and request a new security review. Fixes for both CVEs have been added, to kauth and smb4k respectively. -- You are receiving this mail because: You are on the CC list for the bug.