Mageia 8 MGASA-2021-0323 Moderate Zstandard Permission Issue

mageia

July 8, 2021

Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricte...

Summary

Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to unintended parties (CVE-2021-24032).

References

- https://bugs.mageia.org/show_bug.cgi?id=28444

- https://ubuntu.com/security/notices/USN-4760-1

- https://www.cve.org/CVERecord?id=CVE-2021-24032

Topics Covered

security advisory moderate software update permission issue mageia zstandard output files

Resolution

SRPMS

- 8/core/zstd-1.4.8-1.1.mga8

Publication date: 09 Jul 2021

URL: https://advisories.mageia.org/MGASA-2021-0323.html

Type: security

CVE: CVE-2021-24032

Topics Covered

security advisory moderate software update permission issue mageia zstandard output files

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 8 MGASA-2021-0323 Moderate Zstandard Permission Issue

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 8 MGASA-2021-0323 Moderate Zstandard Permission Issue

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!