It was discovered that packagekit was subject to a vulnerability where the InstallFiles, GetFilesLocal and GetDetailsLocal methods of the DBus interface to PackageKit accesses given files before checking for authorization. This allows non-privileged users to learn the MIME type of any file on the system. (CVE-2020-16121)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 7 | noarch | packagekit | < 1.1.12-3.1 | packagekit-1.1.12-3.1.mga7 |