Summary: | <sys-apps/systemd-240: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files (CVE-2018-6954) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | systemd |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: |
https://github.com/systemd/systemd/issues/7986 https://bugs.gentoo.org/show_bug.cgi?id=751415 |
||
Whiteboard: | B1 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
2018-02-16 00:38:38 UTC
I believe this bug can be closed; the oldest version of systemd in gentoo is 242. Why is this bug still open? Looks like 240 was the last affected version at a quick look. We already did a GLSA for a newer version, so no need for this older version: bug 708806. |