Bug 462326 (CVE-2008-4108)
Summary: | CVE-2008-4108 python: Generic FAQ wizard moving tool insecure auxiliary /tmp file usage (symlink attack possible) | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | james.antill, kreilly |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-03-13 09:54:51 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Jan Lieskovsky
2008-09-15 12:40:44 UTC
This issue affects all versions of the Python package, as shipped with Red Hat Enteprise Linux 4, 5 and all versions of the Python package, as shipped within Fedora releases of 8, 9 and 10. (In reply to comment #1) > This issue affects all versions of the Python package, as shipped with > Red Hat Enteprise Linux 4, 5 and all versions of the Python package, > as shipped within Fedora releases of 8, 9 and 10. Affected script is part of python source RPM for those Red Hat Enterprise Linux and Fedora versions, but it is not shipped in any binary RPM, hence there's nothing to fix. Closing. |