Back to bug 2210921

Who	When	What	Removed	Added
Sandipan Roy	2023-05-30 04:19:03 UTC	CC		praiskup
Sandipan Roy	2023-05-30 04:19:17 UTC	Blocks		2210884
Sandipan Roy	2023-05-30 04:21:17 UTC	Depends On		2210924, 2210928, 2210930, 2210925, 2210922, 2210929, 2210927, 2210923, 2210926
Sandipan Roy	2023-05-30 04:32:14 UTC	Doc Text		A vulnerbility was found in libarchive. This security flaw causes a race condition in multi-threaded use of archive_write_disk_header() on posix based systems. Such race condition could lead to implicit directory creation with permissions 777 without sticky bit, which means any low privileged user on this system can delete and rename files inside those directories.
Lukas Javorsky	2023-05-30 07:09:19 UTC	Flags		needinfo?(saroy)
Sandipan Roy	2023-05-30 08:03:50 UTC	Flags	needinfo?(saroy)
Paige Jung	2023-05-30 13:27:40 UTC	Doc Text	A vulnerbility was found in libarchive. This security flaw causes a race condition in multi-threaded use of archive_write_disk_header() on posix based systems. Such race condition could lead to implicit directory creation with permissions 777 without sticky bit, which means any low privileged user on this system can delete and rename files inside those directories.	A vulnerability was found in libarchive. This issue can cause a race condition in a multi-threaded use of archive_write_disk_header() on posix based systems, which could allow implicit directory creation with permissions 777, without sticky bit, which means any low privileged user on the system can delete and rename files inside those directories.
Kazu Yoshida	2023-06-06 10:14:51 UTC	CC		kyoshida
Red Hat Bugzilla	2023-07-07 08:29:29 UTC	Assignee	security-response-team	nobody
Honza Horak	2023-07-10 09:45:08 UTC	CC		hhorak
Lukas Javorsky	2023-07-17 09:49:53 UTC	Flags		needinfo?(saroy)
Sandipan Roy	2023-07-17 14:22:49 UTC	Flags	needinfo?(saroy)

Back to bug 2210921