Bug 498985 - rgmanager is affected by several symlink attack vulnerabilities
rgmanager is affected by several symlink attack vulnerabilities
Status: CLOSED ERRATA
Product: Red Hat Cluster Suite
Classification: Red Hat
Component: rgmanager (Show other bugs)
4
All Linux
high Severity urgent
: ---
: ---
Assigned To: Lon Hohberger
Cluster QE
:
: 519686 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-05-04 13:10 EDT by Fabio Massimo Di Nitto
Modified: 2016-04-27 00:31 EDT (History)
9 users (show)

See Also:
Fixed In Version: rgmanager-1.9.88-1.el4
Doc Type: Bug Fix
Doc Text:
Previously, the rgmanager contained several symlink vulnerabilities. With this update, there are no more vulnerabilities in the rgmanager.
Story Points: ---
Clone Of: 469338
Environment:
Last Closed: 2011-02-16 10:09:24 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Comment 3 Florian Nadge 2011-01-03 09:10:24 EST
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Previously, the isAlive check could fail if two nodes used the same file name. With this update, the isAlive function prevents two nodes from using the same file name.
Comment 4 Florian Nadge 2011-01-03 09:11:11 EST
    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1 +1 @@
-Previously, the isAlive check could fail if two nodes used the same file name. With this update, the isAlive function prevents two nodes from using the same file name.+Previously, the rgmanager contained several symlink vulnerabilities. With this update, there are no more vulnerabilities in the rgmanager.
Comment 5 Huzaifa S. Sidhpurwala 2011-01-31 00:58:14 EST
*** Bug 519686 has been marked as a duplicate of this bug. ***
Comment 6 errata-xmlrpc 2011-02-16 10:09:24 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0264.html

Note You need to log in before you can comment on or make changes to this bug.