Vulnerability CVE-2015-1200: Information
Description
Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for the output file when compressing a file before changing the permission to match the original file, which allows local users to bypass the intended access restrictions.
Severity: LOW (2.1)
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
pxz | sisyphus | 4.999.9beta-alt3 | 4.999.9beta-alt3 | ALT-PU-2015-1088-1 | 139268 | Fixed |
pxz | p10 | 4.999.9beta-alt3 | 4.999.9beta-alt3 | ALT-PU-2015-1088-1 | 139268 | Fixed |
pxz | p9 | 4.999.9beta-alt3 | 4.999.9beta-alt3 | ALT-PU-2015-1088-1 | 139268 | Fixed |
pxz | c10f1 | 4.999.9beta-alt3 | 4.999.9beta-alt3 | ALT-PU-2015-1088-1 | 139268 | Fixed |
pxz | c9f2 | 4.999.9beta-alt3 | 4.999.9beta-alt3 | ALT-PU-2015-1088-1 | 139268 | Fixed |