Red Hat Bugzilla – Bug 155744
CAN-2005-0953 bzip2 race condition
Last modified: 2007-11-30 17:11:04 EST
+++ This bug was initially created as a clone of Bug #155742 +++
Race condition in bzip2 1.0.2 and earlier allows local users to modify
permissions of arbitrary files via a hard link attack on a file while it is
being decompressed, whose permissions are changed by bzip2 after the
decompression is complete.
Whats the status on this one?
This bug is fixed in devel (version 1.0.3-1) and in fc4 (version 1.0.2-16).
This bug is fixed in fc3 branch too (1.0.2-13.FC3.1).