Download
| Alert*
oval:org.secpod.oval:def:89002344
This update for systemd fixes the following issues: Security issue fixed: - CVE-2017-18078: tmpfiles: refuse to chown/chmod files which are hardlinked, unless protected_hardlinks sysctl is on. This could be used by local attackers to gain privileges Non Security issues fixed: - core: use id unit wh ... oval:org.secpod.oval:def:2000589 systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is turned off, which allows local users to bypass intended access restrictions via vectors involving a hard link to a file for which the user lacks wr ... |