Bug #1387734: Location service uses the cached authorization, even if the user denied location access to an app
|
CVE-2014-1422 |
Canonical System Image
|
Fix released (unassigned)
|
Bug #1392380: OA gives out all tokens to any app
|
CVE-2014-1423 |
Canonical System Image
|
Fix released, assigned to David Barth
|
Bug #1456628: DBUS API doesn't prevent confined apps from passing paths to files without access
|
CVE-2015-1327 |
Canonical System Image
|
Fix released, assigned to Bill Filler
|
Bug #1480877: Access points' "PropertiesChanged" dbus signals freeze UI on mobile devices
|
CVE-2015-1322 |
Canonical System Image
|
Fix released, assigned to John McAleely
|
Bug #1506467: click install does not ignore shipped files without leading './'
|
CVE-2015-8768 |
Canonical System Image
|
Fix released (unassigned)
|
Bug #1516971: LXC's preserve_ns fails on < 3.8 kernels
|
CVE-2015-1335 |
Canonical System Image
|
Fix released (unassigned)
|
Bug #1525981: Device can be tricked into exposing mtp service without being unlocked first
|
CVE-2015-7946 |
Canonical System Image
|
Fix released, assigned to kevin gunn
|
Bug #1536296: Using a specially crafted fallback art property, scopes can execute arbitrary QML code in context of unity8-dash
|
CVE-2016-1573 |
Canonical System Image
|
Fix released, assigned to Michał Sawicz
|
Bug #1590561: webbrowser-app crashes on startup on fresh zesty Unity8: No suitable EGL configs found
|
CVE-2017-6507 |
Canonical System Image
|
Fix released, assigned to David Barth
|