[dcmtk] important vulnerability (possible privilege escalation if setuid() fails)
Mario Ceresa
mrceresa at gmail.com
Tue Jul 15 08:59:33 UTC 2014
Hi Igor, thanks for the heads up!
I'm at work now and have no access to my ssh key. I'll try to update the
fix later at home.
Best,
Mario
On 15 July 2014 08:59, Igor Gnatenko <ignatenkobrain at fedoraproject.org>
wrote:
> Hi,
>
> we have important vulnerability[0] in yours package - dcmtk.
>
> Please apply upstream patch provided in BZ and submit update using link in
> BZ
> for all Fedora branches.
>
> Also when you created SCM request you added EPEL6 to branches, but we got
> nothing in el6, fix it please ;)
>
> [0]https://bugzilla.redhat.com/show_bug.cgi?id=1104041
> --
> -Igor Gnatenko
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/security-team/attachments/20140715/c73a9a18/attachment.html>
More information about the security-team
mailing list