FEDORA-EPEL-2017-dadbc43983

security update in Fedora EPEL 7 for mimedefang

Status: stable 2 years ago

MIMEDefang 2.81

  • Don't barf if the installed version of Sys::Syslog has a developer tag added (like 0.33_01 on Debian Stretch).
  • Make mimedefang and mimedefang-multiplexor write their PID files as root to avoid an unprivileged user tampering with the pidfiles. Thanks to Michael Orlitzky for pointing this issue out.

Comments 5

This update has been submitted for testing by robert.

2 years ago

This update has been pushed to testing.

2 years ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

2 years ago

This update has been submitted for stable by robert.

2 years ago

This update has been pushed to stable.

2 years ago

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
0
stable threshold: 1
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 2 years ago
in testing 2 years ago
in stable 2 years ago

Related Bugs 3
00 #1487543 CVE-2017-14102 mimedefang: Privilege escalation via PID file manipulation
00 #1487544 CVE-2017-14102 mimedefang: Privilege escalation via PID file manipulation [epel-all]
00 #1487804 mimedefang-2.81 is available

Automated Test Results

Copyright © 2007-2019 Red Hat, Inc. and others.

Running bodhi-4.1.1 on bodhi-web-117-hmr5s.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Legal | Privacy policy