-
Notifications
You must be signed in to change notification settings - Fork 60
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix rpm-ostree CVE-2024-2905 (world-readable /etc/[g]shadow[-]
)
#1705
Comments
Some historical links for a closely related fix: |
Copying some info forward: The underlying issue is related to coreos/rpm-ostree#4503, which was first released in rpm-ostree v2023.6. That version was never released in Fedora, but v2023.7 was first in bodhi stable in early September 2023. Fedora CoreOS versions were affected when
So the bad version of
|
/etc/[g]shadow[-]
)/etc/[g]shadow[-]
)
The fix for this went into |
The fix for this went into |
The fix for this went into |
The text was updated successfully, but these errors were encountered: