Updated libcgroup packages fix security vulnerability
Publication date: 21 Sep 2018Type: security
Affected Mageia releases : 6
CVE: CVE-2018-14348
Description
The cgrulesengd daemon (cgred) in libcgroup through version 0.41 creates log files (/var/log/cgred) with world readable and writable permissions (0o666) due to a reset of the file mode creation mask (umask(0)) in the daemon/cgrulesengd.c:cgre_start_daemon() function (CVE-2018-14348).
References
SRPMS
6/core
- libcgroup-0.41-1.1.mga6