Red Hat Bugzilla – Bug 360641
CVE-2007-5751 liferea weak permissions for the feedlist.opml backup file
Last modified: 2007-11-30 17:12:20 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-5751 to the
Liferea before 1.4.6 uses weak permissions (0644) for the
feedlist.opml backup file, which allows local users to obtain
Issue is reported to be fixed in version 1.4.6. Current version in Fedora is
from 1.2.x branch, however affected code also seems to exist there.
This seems to be a relevant upstream SVN commit:
liferea-1.2.23-4.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
Reopening this for F8, so we don't forget an update once Werewolf is Gold.
It's already been built & pushed to stable for F8 (which are being held until F8
is out the door).
liferea-1.2.23-5.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.