RHSA-2015:1210Medium
Red Hat Security Advisory: abrt security update
🔗 CVE IDs covered (6)
📋 Description
CVE-2015-1869 — abrt: default event scripts follow symbolic links CVE-2015-1870 — abrt: default abrt event scripts lead to information disclosure CVE-2015-3142 — abrt: abrt-hook-ccpp writes core dumps to existing files owned by others CVE-2015-3147 — abrt: does not validate contents of uploaded problem reports CVE-2015-3159 — abrt: missing process environment sanitizaton in abrt-action-install-debuginfo-to-abrt-cache CVE-2015-3315 — abrt: Various race-conditions and symlink issues found in abrt
🔗 References (9)
- selfhttps://access.redhat.com/errata/RHSA-2015:1210
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1211835
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1212818
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1212861
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1212868
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1212953
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1216962
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1210.json