kwallet-pam: Regression in CVE-2018-10380 fixes

Maximiliano Curia maxy at
Sat May 5 09:25:00 UTC 2018


After applying the proposed fixes a couple of users started having issues with 
kwallet-pam, as reported here:

The patch to fix the issue is being worked in I'm not sure what are the current plans to 
release a version of kwallet-pam with CVE-2018-10380, the announcement 
mentions 5.12.6 which is a couple of months away, but just to be on the safe 
side Luigi Toscano convinced me that it was worth sending this message to 

Happy hacking,
"If a million people believe a foolish thing, it is still a foolish thing."
-- France's Rule of Folly
Saludos /\/\ /\ >< `/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <>

More information about the release-team mailing list