Bug 498980
| Summary: | cluster product is affected by several symlink attack vulnerabilities | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Retired] Red Hat Cluster Suite | Reporter: | Fabio Massimo Di Nitto <fdinitto> | ||||
| Component: | ccs | Assignee: | Jonathan Earl Brassow <jbrassow> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Cluster QE <mspqa-list> | ||||
| Severity: | urgent | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | 4 | CC: | bstevens, cfeist, cluster-maint, cmarthal, djansa, iannis, swhiteho | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | 469338 | Environment: | |||||
| Last Closed: | 2011-02-16 15:14:49 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | 469338 | ||||||
| Bug Blocks: | |||||||
| Attachments: |
|
||||||
Patch didn't build; fixed patch here: http://git.fedorahosted.org/git?p=cluster.git;a=commit;h=d20bd177341a7ee9dc76c17d5db73b5904b07660 An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2011-0265.html |
Created attachment 389818 [details] Patch for rhel4 modeled off the work done for rhel5 - (untested) Is this still being considered? If so, I can compile, test, and check-in.