Bug 152687 - sysstat security exposure in packaging
Summary: sysstat security exposure in packaging
Keywords:
Status: CLOSED DUPLICATE of bug 2040112
Alias: None
Product: Fedora Legacy
Classification: Retired
Component: Package request
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Fedora Legacy Bugs
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-03-11 19:20 UTC by Michal Jaegermann
Modified: 2008-05-01 15:38 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description David Lawrence 2005-03-30 23:24:01 UTC
RHSA-2004:093-01 annouces fixes to security vulnerabilities in sysstat
(CAN-2004-0107).  The same problems clearly exist in earlier versions of
the same package.

Fixes require changes in a spec file hence proposed patches are attached
as a small archive which includes also two other patches from 
sysstat-4.0.7-4.rhl9.1.  An issue of 64-bit libraries is not relevant here
so this change is skipped.

Patched package compiles without problems at least on RH7.3.  For other
distributions this needs to be tested.



------- Additional Comments From michal 2004-03-11 14:22:24 ----

Created an attachment (id=575)
An archive with changes to sysstat.spec and corresponding patches




------- Additional Comments From bugs.michael 2004-03-26 06:13:42 ----



*** This bug has been marked as a duplicate of 1372 ***



------- Bug moved to this database by dkl 2005-03-30 18:24 -------

This bug previously known as bug 1375 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=1375
Originally filed under the Fedora Legacy product and Package request component.

Attachments:
An archive with changes to sysstat.spec and corresponding patches
https://bugzilla.fedora.us/attachment.cgi?action=view&id=575

Unknown priority P2. Setting to default priority "normal".
Unknown platform PC. Setting to default platform "All".
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.




Note You need to log in before you can comment on or make changes to this bug.