Back to bug 1928090
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Michael Kaplan | 2021-02-12 11:42:43 UTC | CC | bmontgom, eparis, jburrell, jokerman, nstielau, sponnaga | |
| Michael Kaplan | 2021-02-12 11:47:04 UTC | CC | amctagga, anharris, bniver, dbecker, flucifre, gmeno, hvyas, jamartis, jjoyce, jschluet, lhh, lpeer, mbenjamin, mburns, mhackett, sclewis, slinaber, sostapov, vereddy | |
| Michael Kaplan | 2021-02-12 11:47:34 UTC | Depends On | 1928092, 1928091, 1928093 | |
| Michael Kaplan | 2021-02-12 11:48:08 UTC | Depends On | 1928094 | |
| Michael Kaplan | 2021-02-12 11:48:38 UTC | Blocks | 1928095 | |
| Sage McTaggart | 2021-02-16 21:50:10 UTC | Depends On | 1929435 | |
| Sage McTaggart | 2021-03-02 19:05:30 UTC | Summary | zstd: Race condition allows attacker to access world-readable destination file | CVE-2021-24032 zstd: Race condition allows attacker to access world-readable destination file |
| Alias | CVE-2021-24032 | |||
| Sage McTaggart | 2021-03-02 19:07:02 UTC | Fixed In Version | zstd 1.4.9 | |
| Sage McTaggart | 2021-03-03 21:38:05 UTC | Depends On | 1934856 | |
| Florencio Cano | 2021-03-04 10:54:15 UTC | CC | kaycoth, vmugicag | |
| Florencio Cano | 2021-03-04 11:01:59 UTC | Depends On | 1935080, 1935076, 1935079, 1935077, 1935078, 1935075 | |
| Stefan Cornelius | 2021-04-16 13:52:37 UTC | Comment | 0 | updated |
| Stefan Cornelius | 2021-04-16 14:11:43 UTC | Priority | medium | low |
| Severity | medium | low | ||
| Stefan Cornelius | 2021-04-16 14:13:40 UTC | Depends On | 1950394 | |
| Red Hat Bugzilla | 2021-06-22 00:27:41 UTC | CC | dbecker | |
| Eric Christensen | 2021-06-24 14:21:12 UTC | Doc Text | A flaw was found in zstd. While the final file mode is reflective of the input file, when compressing or uncompressing, the file can temporarily gain greater permissions than the input and potentially leading to security issues (especially if large files are being handled). | |
| Florencio Cano | 2021-08-23 10:44:26 UTC | CC | psegedy | |
| Red Hat Bugzilla | 2022-01-08 05:32:21 UTC | CC | jokerman | |
| Igor Raits | 2022-08-30 12:14:15 UTC | CC | igor.raits | |
| Sage McTaggart | 2022-12-21 23:31:04 UTC | Resolution | --- | WONTFIX |
| Status | NEW | CLOSED | ||
| Last Closed | 2022-12-21 23:31:04 UTC | |||
| Sage McTaggart | 2022-12-21 23:32:41 UTC | Status | CLOSED | NEW |
| Resolution | WONTFIX | --- | ||
| Keywords | Reopened | |||
| Red Hat Bugzilla | 2023-01-01 05:32:42 UTC | CC | amctagga | |
| Red Hat Bugzilla | 2023-01-01 05:47:11 UTC | CC | flucifre | |
| Red Hat Bugzilla | 2023-01-01 05:52:45 UTC | CC | mhackett | |
| Red Hat Bugzilla | 2023-01-01 06:02:32 UTC | CC | bniver | |
| Red Hat Bugzilla | 2023-01-01 08:35:08 UTC | CC | mbenjamin | |
| Red Hat Bugzilla | 2023-01-01 08:44:22 UTC | CC | sostapov | |
| Red Hat Bugzilla | 2023-01-01 08:49:06 UTC | CC | vereddy | |
| Alasdair Kergon | 2023-01-04 05:43:50 UTC | CC | sostapov | |
| Alasdair Kergon | 2023-01-04 06:11:25 UTC | CC | bniver | |
| Alasdair Kergon | 2023-01-04 06:22:30 UTC | CC | mbenjamin | |
| Alasdair Kergon | 2023-01-04 06:31:20 UTC | CC | vereddy | |
| Alasdair Kergon | 2023-01-04 06:43:51 UTC | CC | flucifre | |
| Alasdair Kergon | 2023-01-04 11:29:24 UTC | CC | mhackett | |
| Red Hat Bugzilla | 2023-07-07 08:33:32 UTC | Assignee | security-response-team | nobody |
Back to bug 1928090