Bug 1571935

Summary: copy-jdk-configs: improper config files restauration
Product: [Other] Security Response Reporter: Laura Pardo <lpardo>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: jvanek
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-05-03 20:28:50 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1571936, 1571937    
Bug Blocks: 1571941    

Description Laura Pardo 2018-04-25 18:30:45 UTC 
A flaw was found in copy-jdk-configs when handling configuration files for jdk with multiple symlinks to jre. This could result in copy-jdk-configs restoring the config file for one jre symlink but, as the backup was already removed, remove the config files for the rest of the jre symlinks without restoring them.


References:
https://pagure.io/copy_jdk_configs/c/1e1972ddc941cc5335daa26060b961e10171b732?branch=master
https://pagure.io/copy_jdk_configs/c/66374991d056e6f17705aa6be9aedcacfa4466ff?branch=master
Comment 1 Laura Pardo 2018-04-25 18:31:15 UTC 
Created copy-jdk-configs tracking bugs for this issue:

Affects: fedora-all [bug 1571937]
Comment 3 jiri vanek 2018-04-26 08:20:06 UTC 
As only openjdk7 + rhel7 is affected, I would consider this bug as invalid
Comment 4 Tomas Hoger 2018-05-03 20:28:50 UTC 
This was not handled as a security issue, but as a bug.  Problem was addressed via the following bug fix advisory:

https://access.redhat.com/errata/RHBA-2018:1276