Summary: | <dev-libs/libcgroup-0.41-r5: cgrulesengd creates log files with insecure permissions (CVE-2018-14348) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | blueness |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
2018-08-22 23:03:59 UTC
(In reply to Thomas Deutschmann from comment #1) > Upstream patch: > https://sourceforge.net/p/libcg/libcg/ci/ > 0d88b73d189ea3440ccaab00418d6469f76fa590/ Thanks for the report! I've added the patch in libcgroup-0.41-r5.ebuild and will rapid stabilize it soon. I just marked libcgroup-0.41-r5.ebuild stable on amd64 and x86 and removed the vulnerable version. Tree is clean. GLSA Vote: No Thank you all for you work. Closing as [noglsa]. tree is clean |