Bug 409871 (CVE-2007-6209)
Summary: | CVE-2007-6209 zsh insecure /tmp file usage | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Lubomir Kundrak <lkundrak> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | james.antill |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6209 | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2007-12-04 08:44:29 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Lubomir Kundrak
2007-12-04 08:38:22 UTC
Not vulnerable. These issues did not affect the versions of the zsh package as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5. It's worth noting that even the 4.3.4 version of zsh we ship in Fedora is also not vulnerable, as we don't ship that perl script (looks like an addon). |