non port: security/trousers/files/patch-10b33821.c |
Number of commits found: 1 |
Tuesday, 18 Aug 2020
|
23:23 zeising
security/trousers: fix security issues
Fix three security issues in security/trousers:
* CVE-2020-24332
If the tcsd daemon is started with root privileges,
the creation of the system.data file is prone to symlink attacks
* CVE-2020-24330
If the tcsd daemon is started with root privileges,
it fails to drop the root gid after it is no longer needed
* CVE-2020-24331
If the tcsd daemon is started with root privileges,
the tss user has read and write access to the /etc/tcsd.conf file
Add patches to fix potential use-after-free
Fix build with -fno-common
MFH: 2020Q3
Security: e37a0a7b-e1a7-11ea-9538-0c9d925bbbc0
|
Number of commits found: 1 |