Bug 1802788
Summary: | CVE-2020-7221 mariadb: mysql_install_db allows privilege escalation due to unsafe chown and chmod operations [openstack-rdo] | ||
---|---|---|---|
Product: | [Community] RDO | Reporter: | Guilherme de Almeida Suckevicz <gsuckevi> |
Component: | mariadb | Assignee: | Michael Bayer <mbayer> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | daniel, jjoyce, jschluet, lhh, lpeer, mburns, sclewis, slinaber |
Target Milestone: | --- | Keywords: | Security, SecurityTracking |
Target Release: | trunk | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | No Doc Update | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2024-02-16 09:42:51 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1802786 |
Description
Guilherme de Almeida Suckevicz
2020-02-13 20:43:10 UTC
upstream fix https://github.com/MariaDB/server/commit/9d18b62467 (10.4.12) mariadb is not included in RDO since the switch to CS9 |