| Summary: | CVE-2009-5054 php-Smarty: Does not consider the umask value when setting the permissions of files | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> | ||||
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
| Status: | CLOSED NOTABUG | QA Contact: | |||||
| Severity: | low | Docs Contact: | |||||
| Priority: | low | ||||||
| Version: | unspecified | CC: | christof, gwync | ||||
| Target Milestone: | --- | Keywords: | Security | ||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2011-10-25 10:26:39 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Attachments: |
|
||||||
|
Description
Jan Lieskovsky
2011-10-25 10:12:31 UTC
Relevant Changelog entry: ------- beta 4 11/18/2009 - observe umask settings when setting file permissions And particular SVN log entry to it: r3351 | Uwe.Tews | 2009-11-18 18:25:18 +0100 (Wed, 18 Nov 2009) | 3 lines - observe umask settings when setting file permissions - avoide unneeded cache file creation for subtemplates which did occur in some situations Created attachment 530046 [details]
Smarty r3351 upstream patch
This issue did NOT affect the versions of the php-Smarty package, as shipped with Fedora release of 14 and 15 (the particular code in question is not present in those versions yet). -- This issue did NOT affect the versions of the php-Smarty package, as shipped with Fedora EPEL 5 and Fedora EPEL 6 repositories (the particular code in question is not present in those versions yet). |