Bug 136319 - CAN-2004-0968 temporary file vulnerabilities in catchsegv script
CAN-2004-0968 temporary file vulnerabilities in catchsegv script
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: glibc (Show other bugs)
2
All Linux
medium Severity low
: ---
: ---
Assigned To: Jakub Jelinek
Brian Brock
impact=low,public=20040930,reported=2...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-10-19 06:26 EDT by Mark J. Cox (Product Security)
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-11-11 09:05:54 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mark J. Cox (Product Security) 2004-10-19 06:26:38 EDT
On September 10th 2004, Trustix shared some temporary file
vulnerabilities with vendor-sec.  After some refinement these were
made public on Sep30.  These are minor issues (impact: LOW) and
therefore should be fixed in future updates, but don't deserve their
own security advisory.

Temporary file vulnerability in catchsegv.  Patch attached to bug 136318
Comment 1 Jakub Jelinek 2004-10-22 03:47:52 EDT
For FC3, this is fixed in glibc-2.3.3-71 and above (FC3 will likely
ship with glibc-2.3.3-73).
Comment 2 Jakub Jelinek 2004-10-29 18:38:28 EDT
s/-73/-74/.
For FC2 there is a testing errata glibc-2.3.3-27.1.
Comment 3 Jakub Jelinek 2004-11-11 09:05:54 EST
The FC2 was released yesterday to ftp, the announcement in currently pending
approval.
FC3 already contains the fixes.

Note You need to log in before you can comment on or make changes to this bug.