Bug 650556 (CVE-2010-3996)
Summary: | CVE-2010-3996 festival: insecure library loading vulnerability | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | davidz, mattdm |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-11-07 01:38:49 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Vincent Danen
2010-11-07 01:32:28 UTC
This issue does not affect the version of festival as provided with Red Hat Enterprise Linux 3, 4, or 5. It also does not affect any version of festival as provided with Fedora (none of the festival_server scripts manipulate LD_LIBRARY_PATH at all). Perhaps this is a 2.x "feature". Statement: Not vulnerable. This issue did not affect the versions of festival as shipped with Red Hat Enterprise Linux 3, 4, or 5. |