Project

General

Custom queries

Profile

Actions
Copy link

Bug #30490

closed

CVE-2020-14334 - unauthorized cache read on RPM-based installations through local user

Added by Ondřej Ezr over 4 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Ondřej Ezr
Category:
RPMs
Target version:
Foreman - 2.1.1
Difficulty:
Triaged:
Yes
Bugzilla link:
1858308
Pull request:
https://github.com/theforeman/foreman-packaging/pull/5596, https://github.com/theforeman/foreman-packaging/pull/5597, https://github.com/theforeman/foreman-packaging/pull/5598
Fixed in Releases:
Foreman - 2.0.2, Foreman - 2.1.1, Foreman - 2.2.0
Found in Releases:
Red Hat JIRA:

Description

Cache permissions allow unauthorized read

Files

0001-BZ-1858308-CVE-2020-14334-too-permissive-mode-for-ca.patch 0001-BZ-1858308-CVE-2020-14334-too-permissive-mode-for-ca.patch 1.12 KB Fix-too permissive mode on cache dir Ondřej Ezr, 07/24/2020 11:12 PM
#2

Updated by Tomer Brisker over 4 years ago

  • Bugzilla link set to 1858308
#3

Updated by Tomer Brisker over 4 years ago

  • Subject changed from CVE-2020-14334 to CVE-2020-14334 - unauthorized cache read on RPM-based installations through local user
#5

Updated by Ondřej Ezr over 4 years ago

  • Private changed from Yes to No
#6

Updated by The Foreman Bot over 4 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman-packaging/pull/5596 added
#7

Updated by The Foreman Bot over 4 years ago

  • Fixed in Releases 2.2.0 added
#9

Updated by The Foreman Bot over 4 years ago

  • Pull request https://github.com/theforeman/foreman-packaging/pull/5597 added
#10

Updated by The Foreman Bot over 4 years ago

  • Pull request https://github.com/theforeman/foreman-packaging/pull/5598 added
#11

Updated by Ondřej Ezr over 4 years ago

  • Status changed from Ready For Testing to Closed
#12

Updated by Ondřej Ezr over 4 years ago

  • Fixed in Releases 2.0.2, 2.1.1 added
Actions
Copy link

Also available in: Atom PDF