Project

General

Profile

Bug #30490

CVE-2020-14334 - unauthorized cache read on RPM-based installations through local user

Added by Ondřej Ezr over 2 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
RPMs
Target version:

Description

Cache permissions allow unauthorized read

Associated revisions

Revision 5283f137 (diff)
Added by Ondřej Ezr over 2 years ago

Fixes #30490 - CVE-2020-14334 world readable cache

History

#2 Updated by Tomer Brisker over 2 years ago

  • Bugzilla link set to 1858308

#3 Updated by Tomer Brisker over 2 years ago

  • Subject changed from CVE-2020-14334 to CVE-2020-14334 - unauthorized cache read on RPM-based installations through local user

#4 Updated by Ewoud Kohl van Wijngaarden over 2 years ago

This looks good. Perhaps it's Redmine formatting, but it looks like the whitespace might be a bit odd.

#5 Updated by Ondřej Ezr over 2 years ago

  • Private changed from Yes to No

Embargo is lifted.

#6 Updated by The Foreman Bot over 2 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman-packaging/pull/5596 added

#7 Updated by The Foreman Bot over 2 years ago

  • Fixed in Releases 2.2.0 added

#9 Updated by The Foreman Bot over 2 years ago

  • Pull request https://github.com/theforeman/foreman-packaging/pull/5597 added

#10 Updated by The Foreman Bot over 2 years ago

  • Pull request https://github.com/theforeman/foreman-packaging/pull/5598 added

#11 Updated by Ondřej Ezr over 2 years ago

  • Status changed from Ready For Testing to Closed

#12 Updated by Ondřej Ezr over 2 years ago

  • Fixed in Releases 2.0.2, 2.1.1 added

Also available in: Atom PDF