|
|
Log in / Subscribe / Register

setup: information disclosure

Package(s):setup CVE #(s):
Created:March 30, 2015 Updated:April 27, 2015
Description: From the Mageia advisory:

An issue has been identified in Mageia 4's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable (mga#14516).

This update fixes this issue by enforcing that those files are owned by the root user and shadow group, and are only readable by those two entities.

Alerts:
Mandriva MDVSA-2015:208 setup 2015-04-27
Mageia MGASA-2015-0162 setup 2015-04-23
Mageia MGASA-2015-0116 setup 2015-03-27
Mandriva MDVSA-2015:184 setup 2015-03-30
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds