[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2018-1000018: ovirt-engine-setup: root password disclosed in provisioning logs
From: Doran Moppert <dmoppert () redhat ! com>
Date: 2018-01-24 6:20:18
Message-ID: 20180124060817.GE19133 () sin ! redhat ! com
[Download RAW message or body]
Distributions of ovirt using hosted-engine-setup should check if their
configuration is affected by this issue, as the default log file
permissions were 0755 and the root password was not correctly filtered.
https://gerrit.ovirt.org/#/c/86635/
https://gerrit.ovirt.org/#/c/62679/
https://bugzilla.redhat.com/show_bug.cgi?id=1537904
--
Doran Moppert
Red Hat Product Security
[Attachment #3 (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic