Securit fix for CVE-2024-2905 Backport fix for /etc/[g]shadow permissions
Backport patch to fix https://github.com/coreos/rpm-ostree/issues/4879
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2024-589189d414Please login to add feedback.
This update has been submitted for testing by siosm.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'waiting'.
This update has obsoleted rpm-ostree-2024.4-3.fc40, and has inherited its bugs and notes.
This update's test gating status has been changed to 'passed'.
https://adamwill.fedorapeople.org/02554972-FEDORA-2024-589189d414-Silverblue-ostree-x86_64.iso can be used for testing this.
Fix confirmed here. I installed a random Silverblue ISO from January and confirmed the bug ( /etc/shadow and /etc/gshadow were readable as a regular user), then installed from the ISO above and confirmed the fix ( /etc/shadow and /etc/gshadow are no longer readable as a regular user).
This update has been pushed to testing.
This update has been submitted for stable by bodhi.
There is an ongoing freeze; this will be pushed to stable after the freeze is over.
This update has been pushed to stable.