Mageia Bugzilla – Bug 7354
gnome-keyring new security issue CVE-2012-3466
Last modified: 2012-09-09 13:41:10 CEST
Version 3.4.1, which we have in Mageia 2, is affected.
I don't know if Mageia 1 or Cauldron are affected.
More info here:
Fedora has issued an advisory on August 21:
Patches added here:
Looks like Cauldron should not be affected.
The first Fedora patch says regression 3.3.x, so maybe doesn't affect Mageia 1, but the second patch there does apply to the code in Mageia 1.
From the upstream bug, sounds like Mageia 1 shouldn't be affected.
Patched package uploaded for Mageia 2.
Updated gnome-keyring package fixes security vulnerability:
gnome-keyring seems to obey the configuration asking it to stop caching
passphrases, but after a while it doesn't cache nor does it ask for the
Updated packages in core/updates_testing:
No problems with Mageia 2 x86_64.
Works ok on Mageia 2 i568/x86.
Could sysadmin please push from core/updates_testing to core/updates.
See comment 5 for srpm and advisory.