oss-sec mailing list archives
Re: CVE request: acl 2.2.47 always follows symlinks
From: "Steven M. Christey" <coley () linus mitre org>
Date: Wed, 23 Dec 2009 16:50:56 -0500 (EST)
On Wed, 23 Dec 2009, Hanno B??ck wrote:
setfacl/getfacl (part of package acl-2.2.47) contains a bug that it ignores the --physical/-P parameter that means don't follow symlinks on -R (recursive).
Use CVE-2009-4411, to be filled in later. - Steve
Current thread:
- CVE request: acl 2.2.47 always follows symlinks Hanno Böck (Dec 23)
- Re: CVE request: acl 2.2.47 always follows symlinks Steven M. Christey (Dec 23)
- <Possible follow-ups>
- Re: CVE request: acl 2.2.47 always follows symlinks Brandon Philips (Dec 23)