stable

oddjob-0.34.6-1.fc32

FEDORA-2020-238bbf85d8 created by nalin 4 years ago for Fedora 32

This update includes a security fix for CVE-2020-10737. Additionally,

From 0.34.6:

  • update license on src/buffer.h

  • changes "/var/run" to "/run" in systemd service file (Orion Poplawski, #1834511)

From 0.34.5:

  • apply patch from Matthias Gerstner of the SUSE security team to fix a possible race condition in the mkhomedir helper (noted above, this fixes CVE-2020-10737)

  • only process SELinux contexts if SELinux is not disabled (Alexander Bokovoy, #1828855)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2020-238bbf85d8

This update has been submitted for testing by nalin.

4 years ago

This update's test gating status has been changed to 'waiting'.

4 years ago

This update's test gating status has been changed to 'ignored'.

4 years ago

nalin edited this update.

4 years ago

nalin edited this update.

4 years ago

This update has been pushed to testing.

4 years ago
User Icon pwalter commented & provided feedback 4 years ago
karma

Works

User Icon danniel commented & provided feedback 4 years ago
karma

Works

This update can be pushed to stable now if the maintainer wishes

4 years ago
User Icon cserpentis commented & provided feedback 4 years ago
karma

works for me

This update has been submitted for stable by bodhi.

4 years ago

This update has been pushed to stable.

4 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
3
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
4 years ago
in testing
4 years ago
in stable
4 years ago
modified
4 years ago
BZ#1828855 Please remove use of hardcoded SELinux security class
0
0
BZ#1833042 CVE-2020-10737 oddjob: race condition in oddjob_selinux_mkdir function in mkhomedir.c can lead to symlink attack
0
0
BZ#1833043 CVE-2020-10737 oddjob: race condition in oddjob_selinux_mkdir function in mkhomedir.c can lead to symlink attack [fedora-all]
0
0
BZ#1834511 PIDFile= references a path below legacy directory /var/run/
0
0

Automated Test Results