Taggart :donor: on Nostr: This is rough.A security vulnerability has been discovered within rpm-ostree. ...
This is rough.A security vulnerability has been discovered within rpm-ostree. Affected versions created the /etc/shadow and /etc/gshadow files with the world-readable bit enabled. With permissions set at a higher than recommended level, sensitive authentication data may be exposed to unauthorized access./etc/shadow is readable??
universal-blue.discourse.group/t/updates-needed-cve-2024-2905/1053
Published at
2024-04-11 03:39:59Event JSON
{
"id": "669856edec4552cae99def5da75a01c40cf2a5e4b1e7c32e2f9ed3a09a352910",
"pubkey": "4afb3830f7c5db05d5934438779f63c3ed1401aa03a2eb0cc3cda743633aea61",
"created_at": 1712806799,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.town/notes/9ry99a07ffd5jg35",
"activitypub"
]
],
"content": "This is rough.A security vulnerability has been discovered within rpm-ostree. Affected versions created the /etc/shadow and /etc/gshadow files with the world-readable bit enabled. With permissions set at a higher than recommended level, sensitive authentication data may be exposed to unauthorized access./etc/shadow is readable??\n\nuniversal-blue.discourse.group/t/updates-needed-cve-2024-2905/1053",
"sig": "f0de7a090cc0ecf8a1ae7ef2e664c32ce735f9d64f21124173a6ba7af25ca6fe9b02473e9cadeed605cf9a6551f940f4eeaf23d9a58553919a7c58179791293b"
}
