Описание
ELSA-2018-3663: sos-collector security update (MODERATE)
[1.5-3.0.1]
- To recognize OL system[OraBug 28807430]
- import os module to detect /etc/redhat-release [OraBug 28740046]
[1.5-3]
- Resolve race condition in cluster profile loading
- Quote all options globally
- RHBZ#1633515
- RHBZ#1647955
[1.5-2]
- Fix cluster option reporting
[1.5-1]
- Update to version 1.5
- Resolves CVE-2018-14650
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
sos-collector
1.5-3.0.1.el7_6
Oracle Linux x86_64
sos-collector
1.5-3.0.1.el7_6
Связанные CVE
Связанные уязвимости
It was discovered that sos-collector does not properly set the default permissions of newly created files, making all files created by the tool readable by any local user. A local attacker may use this flaw by waiting for a legit user to run sos-collector and steal the collected data in the /var/tmp directory.
It was discovered that sos-collector does not properly set the default permissions of newly created files, making all files created by the tool readable by any local user. A local attacker may use this flaw by waiting for a legit user to run sos-collector and steal the collected data in the /var/tmp directory.
It was discovered that sos-collector does not properly set the default permissions of newly created files, making all files created by the tool readable by any local user. A local attacker may use this flaw by waiting for a legit user to run sos-collector and steal the collected data in the /var/tmp directory.
It was discovered that sos-collector does not properly set the default permissions of newly created files, making all files created by the tool readable by any local user. A local attacker may use this flaw by waiting for a legit user to run sos-collector and steal the collected data in the /var/tmp directory.