[SECURITY] [DLA 1472-1] libcgroup security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1472-1] libcgroup security update
From: Markus Koschany <apo@debian.org>
Date: Mon, 20 Aug 2018 23:01:22 +0200
Message-id: <[🔎] a768f3d3-2f09-636d-5dcf-6048e9a6a5d1@debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libcgroup
Version        : 0.41-6+deb8u1
CVE ID         : CVE-2018-14348
Debian Bug     : 906308

The cgrulesengd daemon in libcgroup creates log files with world
readable and writable permissions due to a reset of the file mode
creation mask (umask(0)).

For Debian 8 "Jessie", this problem has been fixed in version
0.41-6+deb8u1.

We recommend that you upgrade your libcgroup packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlt7LCJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeTl0Q//SlqU7aUuzkJP41oUH4ChmWDQDt9+80a4M1QbsLHY1XBJTCVVtTG2OF2+
4r8L+zTfwXUnzJbqLFZiw2iq+kyKLoalCOnhMuiD9kVPF+3YpuQgJhTuBKyAZmsd
yv66XzZ89Uss54AJFfXqxpxZKJIZWlBuTFBJu6rMW0+vYr44skHJqasgCqLAezIg
9peS4B1+1ti73XksjiYSYmXYPyNHU3Wjvh8ac+AMmPwH/o4aYg92w1j1ZUTb3F57
fZLhRJyCzJwxifmAI4T1OOI8MxUeg2inn+KxrmOkgOzauF0NTh9OAmB2xFk/2Mq5
cbeBArTY2vq68G28bDc3miCmxtnslEZcbTAzGjcvbvrMU6QrpyfJi1GSI3CycUuO
QMi0N2//4uB0Aq2x0ilo+7hYpNsQ4Mx3vDsS/M3VhGZuBJ9WW6JWT80zq7BPZotz
wLHv4w9GtMe53Zhg+Y6cgnQTHQ9eLxL1SIOtQ1ozKe1BIpcGyLsYtJWRCR21bIga
GxWX7FIrPzXWnORPRUDnCyL34u/ZahDdMWFQlZxFQRHlPeOOvbjIbCZM1+RSur7C
EK72KywmIgdedsmTQgED6uG+9yl1Xv72FGNiSGkwniEmdgW2DznT6Nr50oeKgLti
QNMU++SQHfXZ+oG0xw2itmrQxw54b/hQa0FSRh3BY9kRi20/M1I=
=PulW
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1471-1] kamailio security update
Next by Date: [SECURITY] [DLA 1461-1] clamav security update
Previous by thread: [SECURITY] [DLA 1471-1] kamailio security update
Next by thread: [SECURITY] [DLA 1461-1] clamav security update
Index(es):
- Date
- Thread