Bug #30490: CVE-2020-14334 - unauthorized cache read on RPM-based installations through local user - Packaging - Foreman

Actions

Copy link

Bug #30490

closed

CVE-2020-14334 - unauthorized cache read on RPM-based installations through local user

Added by Ondřej Ezr over 4 years ago. Updated over 4 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Ondřej Ezr

Category:

RPMs

Target version:

Foreman - 2.1.1

Difficulty:

Triaged:

Yes

Bugzilla link:

1858308

Pull request:

https://github.com/theforeman/foreman-packaging/pull/5596, https://github.com/theforeman/foreman-packaging/pull/5597, https://github.com/theforeman/foreman-packaging/pull/5598

Fixed in Releases:

Foreman - 2.0.2, Foreman - 2.1.1, Foreman - 2.2.0

Found in Releases:

Red Hat JIRA:

Description

Cache permissions allow unauthorized read

Files

0001-BZ-1858308-CVE-2020-14334-too-permissive-mode-for-ca.patch

1.12 KB

Fix-too permissive mode on cache dir

Ondřej Ezr, 07/24/2020 11:12 PM

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Foreman » Packaging

Custom queries

Bug #30490

CVE-2020-14334 - unauthorized cache read on RPM-based installations through local user

Updated by Ondřej Ezr over 4 years ago

Updated by Tomer Brisker over 4 years ago

Updated by Tomer Brisker over 4 years ago

Updated by Ewoud Kohl van Wijngaarden over 4 years ago

Updated by Ondřej Ezr over 4 years ago

Updated by The Foreman Bot over 4 years ago

Updated by The Foreman Bot over 4 years ago

Updated by Ondřej Ezr over 4 years ago

Updated by The Foreman Bot over 4 years ago

Updated by The Foreman Bot over 4 years ago

Updated by Ondřej Ezr over 4 years ago

Updated by Ondřej Ezr over 4 years ago