Project

General

Profile

Bug #30490

CVE-2020-14334 - unauthorized cache read on RPM-based installations through local user

Added by Ondřej Ezr 2 months ago. Updated about 2 months ago.


Description

Cache permissions allow unauthorized read

Associated revisions

Revision 5283f137 (diff)
Added by Ondřej Ezr about 2 months ago

Fixes #30490 - CVE-2020-14334 world readable cache

History

#2 Updated by Tomer Brisker about 2 months ago

  • Bugzilla link set to 1858308

#3 Updated by Tomer Brisker about 2 months ago

  • Subject changed from CVE-2020-14334 to CVE-2020-14334 - unauthorized cache read on RPM-based installations through local user

#4 Updated by Ewoud Kohl van Wijngaarden about 2 months ago

This looks good. Perhaps it's Redmine formatting, but it looks like the whitespace might be a bit odd.

#5 Updated by Ondřej Ezr about 2 months ago

  • Private changed from Yes to No

Embargo is lifted.

#6 Updated by The Foreman Bot about 2 months ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman-packaging/pull/5596 added

#7 Updated by The Foreman Bot about 2 months ago

  • Fixed in Releases 2.2.0 added

#9 Updated by The Foreman Bot about 2 months ago

  • Pull request https://github.com/theforeman/foreman-packaging/pull/5597 added

#10 Updated by The Foreman Bot about 2 months ago

  • Pull request https://github.com/theforeman/foreman-packaging/pull/5598 added

#11 Updated by Ondřej Ezr about 2 months ago

  • Status changed from Ready For Testing to Closed

#12 Updated by Ondřej Ezr about 2 months ago

  • Fixed in Releases 2.0.2, 2.1.1 added

Also available in: Atom PDF