Bug 748761 (CVE-2009-5054)
Summary: | CVE-2009-5054 php-Smarty: Does not consider the umask value when setting the permissions of files | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED NOTABUG | QA Contact: | |||||
Severity: | low | Docs Contact: | |||||
Priority: | low | ||||||
Version: | unspecified | CC: | christof, gwync | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2011-10-25 10:26:39 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Jan Lieskovsky
2011-10-25 10:12:31 UTC
Relevant Changelog entry: ------- beta 4 11/18/2009 - observe umask settings when setting file permissions And particular SVN log entry to it: r3351 | Uwe.Tews | 2009-11-18 18:25:18 +0100 (Wed, 18 Nov 2009) | 3 lines - observe umask settings when setting file permissions - avoide unneeded cache file creation for subtemplates which did occur in some situations Created attachment 530046 [details]
Smarty r3351 upstream patch
This issue did NOT affect the versions of the php-Smarty package, as shipped with Fedora release of 14 and 15 (the particular code in question is not present in those versions yet). -- This issue did NOT affect the versions of the php-Smarty package, as shipped with Fedora EPEL 5 and Fedora EPEL 6 repositories (the particular code in question is not present in those versions yet). |