Bug 1069034
| Summary: | redis: insecure temporary file creation | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Murray McAllister <mmcallis> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | carnil, fabian.deutsch, i, jrusnack, karlthered, silas |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2017-09-07 08:01:34 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1069035, 1069036 | ||
| Bug Blocks: | |||
|
Description
Murray McAllister
2014-02-24 02:17:37 UTC
The CVE will probably be posted to https://github.com/antirez/redis/issues/1560 once assigned Created redis tracking bugs for this issue: Affects: fedora-all [bug 1069035] Affects: epel-all [bug 1069036] (In reply to Murray McAllister from comment #1) > The CVE will probably be posted to > https://github.com/antirez/redis/issues/1560 once assigned CVE request: http://seclists.org/oss-sec/2014/q1/423 Seems like this may be expected behavior: http://seclists.org/oss-sec/2014/q1/425 @Murray: could we close this ticket or should we fix that issue no matter what ? Hello, The issue was rated Low so it is not urgent to fix. If you are able to fix it in just rawhide, then the ticket could be closed. However, if you cannot get a fix from upstream or are having problems there, the bug could be closed WONTFIX. Thanks, I'll do as you suggest. |