Bug 991604 (CVE-2013-4209)
Summary: | CVE-2013-4209 ABRT: (substantially) limited leak of unauthorized information | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Jan Pokorný [poki] <jpokorny> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | jrusnack, mmilata, security-response-team, vkrizan |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | abrt 2.1.6 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-09-06 09:12:43 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 994418 | ||
Bug Blocks: | 994278 |
Comment 4
Vincent Danen
2013-08-06 23:53:30 UTC
Statement: Not vulnerable. This issue did not affect the versions of abrt as shipped with Red Hat Enterprise Linux 6. Time to open this up. We now ship the fixed version 2.1.6 on all previously affected products. In upstream commit https://github.com/abrt/abrt/commit/776209bd00b0dd16d02dd20fdb14eecbb6b9fa18 the format of core backtraces changed significantly. Source file hashes are no longer included for python exception reports. |