CVE-2011-0729

Publication date 19 April 2011

Last updated 24 July 2024

dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2) SetSystemDefaultLanguageEnv call.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
language-selector	10.10 maverick	Fixed 0.6.7
	10.04 LTS lucid	Not affected
	9.10 karmic	Not affected
	8.04 LTS hardy	Not affected
	6.06 LTS dapper	Not affected

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-1115-1
language-selector vulnerability
19 April 2011

Other references

https://www.cve.org/CVERecord?id=CVE-2011-0729