Bug 140068 - [RHAS2.1] CAN-2004-0968 temporary file vulnerabilities in catchsegv script
[RHAS2.1] CAN-2004-0968 temporary file vulnerabilities in catchsegv script
Product: Red Hat Enterprise Linux 2.1
Classification: Red Hat
Component: glibc (Show other bugs)
All Linux
medium Severity low
: ---
: ---
Assigned To: Jakub Jelinek
Brian Brock
: Security
: 148802 (view as bug list)
Depends On:
Blocks: 132992
  Show dependency treegraph
Reported: 2004-11-19 11:20 EST by Josh Bressers
Modified: 2016-11-24 09:55 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-04-28 11:16:04 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2005:261 normal SHIPPED_LIVE Low: glibc security update 2005-04-28 00:00:00 EDT

  None (edit)
Description Josh Bressers 2004-11-19 11:20:07 EST
On September 10th 2004, Trustix shared some temporary file
vulnerabilities with vendor-sec.  After some refinement these were
made public on Sep30.  These are minor issues (impact: LOW) and
therefore should be fixed in future updates, but don't deserve their
own security advisory.

Temporary file vulnerability in catchsegv.

Patch attached as attachment 105440 [details].
Comment 1 Jakub Jelinek 2004-11-24 04:06:58 EST
catchsegv.sh fixed in cvs.dist glibc/RHEL-2_1/ CVS, glibcbug script removed
at the same place.  The remaining two patched files are bogus.

Is this enough to fix in U7 or do we need a security errata earlier?
Comment 2 Jakub Jelinek 2005-02-15 08:58:49 EST
Should be fixed in glibc-2.2.4-32.19 in dist-2.1AS-errata-candidate.
Comment 3 Jakub Jelinek 2005-02-15 15:44:34 EST
*** Bug 148802 has been marked as a duplicate of this bug. ***
Comment 4 John Flanagan 2005-04-28 11:16:04 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.