Explore top 10 tips to secure your open-source projects now. Read More
×Gentoo Linux Security Advisory GLSA 200601-01
https://security.gentoo.org/
Severity: Normal
Title: pinentry: Local privilege escalation
Date: January 03, 2006
Bugs: #116822
ID: 200601-01
Synopsis
=======
pinentry is vulnerable to privilege escalation.
Background
=========
pinentry is a collection of simple PIN or passphrase entry dialogs
which utilize the Assuan protocol.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-crypt/pinentry < 0.7.2-r2 >= 0.7.2-r2
==========
Tavis Ormandy of the Gentoo Linux Security Audit Team has discovered
that the pinentry ebuild incorrectly sets the permissions of the
pinentry binaries upon installation, so that the sgid...
style>.gentoo_availability{display:block;}
Get the latest Linux and open source security news straight to your inbox.