Summary: | <dev-python/rtslib-fb-2.1.73: Weak permissions used on /etc/target/saveconfig.json (CVE-2020-14019) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | openstack, prometheanfire, sir.suriv |
Priority: | Normal | Flags: | nattka:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/open-iscsi/rtslib-fb/pull/162 | ||
See Also: |
https://bugs.gentoo.org/show_bug.cgi?id=736086 https://github.com/gentoo/gentoo/pull/16516 |
||
Whiteboard: | B4 [noglsa cleanup] | ||
Package list: |
dev-python/rtslib-fb-2.1.73
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 736709 |
Description
Sam James
2020-06-19 13:40:58 UTC
Bump to 2.1.73 here: https://github.com/gentoo/gentoo/pull/16516 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c3e3e50d15b7c4453e25338ea5f0ad216d95c964 commit c3e3e50d15b7c4453e25338ea5f0ad216d95c964 Author: Diogo Pereira <sir.suriv@gmail.com> AuthorDate: 2020-06-30 22:56:30 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-08-15 01:18:17 +0000 dev-python/rtslib-fb: version bump to 2.1.73 Bug: https://bugs.gentoo.org/728770 Package-Manager: Portage-2.3.103, Repoman-2.3.23 Signed-off-by: Diogo Pereira <sir.suriv@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/16516 Signed-off-by: Sam James <sam@gentoo.org> dev-python/rtslib-fb/Manifest | 1 + dev-python/rtslib-fb/rtslib-fb-2.1.73.ebuild | 24 ++++++++++++++++++++++++ 2 files changed, 25 insertions(+) Tell us when ready to stable. Will look at PR soon. (In reply to Sam James from comment #3) > Tell us when ready to stable. Will look at PR soon. I guess we'll go ahead. x86 done amd64 done all arches done Please cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7a62a6b9db1ce96cf458e0ac5a81a0de9a067151 commit 7a62a6b9db1ce96cf458e0ac5a81a0de9a067151 Author: Aaron Bauman <bman@gentoo.org> AuthorDate: 2020-08-29 22:21:21 +0000 Commit: Aaron Bauman <bman@gentoo.org> CommitDate: 2020-08-29 22:21:44 +0000 dev-python/rtslib-fb: drop vulnerable Bug: https://bugs.gentoo.org/728770 Signed-off-by: Aaron Bauman <bman@gentoo.org> dev-python/rtslib-fb/Manifest | 1 - dev-python/rtslib-fb/rtslib-fb-2.1.69.ebuild | 24 ------------------------ 2 files changed, 25 deletions(-) |