[ubuntu-mono] [Bug 1771196] [NEW] daap plugin opens port by default
Alan Jenkins
alan.christopher.jenkins at googlemail.com
Mon May 14 19:35:24 UTC 2018
*** This bug is a security vulnerability ***
Public security bug reported:
In a default installation, the daap plugin is enabled, and listens to
port 3689 (daap).
tcp 0 0 *:daap *:*
LISTEN guest-43a0me 72019 -
Ubuntu has a "no open ports by default" policy.[1][2]
[1] https://bugs.launchpad.net/ubuntu/+source/banshee/+bug/753986
[2] https://wiki.ubuntu.com/SecurityTeam/Policies#No_Open_Ports
Please resolve this e.g. by updating rhythmbox not to listen on a port
by default, or documenting rhythmbox as an exception to the security
policy.
---
Ubuntu 16.04.4 LTS
rhythmbox 3.3-1ubuntu7
** Affects: banshee (Ubuntu)
Importance: Undecided
Status: New
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
CLI/Mono Uploaders, which is subscribed to banshee in Ubuntu.
https://bugs.launchpad.net/bugs/1771196
Title:
daap plugin opens port by default
Status in banshee package in Ubuntu:
New
Bug description:
In a default installation, the daap plugin is enabled, and listens to
port 3689 (daap).
tcp 0 0 *:daap *:*
LISTEN guest-43a0me 72019 -
Ubuntu has a "no open ports by default" policy.[1][2]
[1] https://bugs.launchpad.net/ubuntu/+source/banshee/+bug/753986
[2] https://wiki.ubuntu.com/SecurityTeam/Policies#No_Open_Ports
Please resolve this e.g. by updating rhythmbox not to listen on a port
by default, or documenting rhythmbox as an exception to the security
policy.
---
Ubuntu 16.04.4 LTS
rhythmbox 3.3-1ubuntu7
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/banshee/+bug/1771196/+subscriptions
More information about the Ubuntu-mono
mailing list