SUSE CVE-2015-5302

libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the 1 backtrace, 2 cmdline, 3 environ, 4 openfds, 5 maps, 6 smaps, 7 hostname, 8 remote, 9 ks.cfg, or 10...

Fedora 22 : abrt-2.6.1-6.fc22 / libreport-2.6.3-1.fc22 (2015-b81f7e1e86)

Security fix for CVE-2015-5302 abrt-2.6.1-6.fc22 - doc: fix default DumpLocation in abrt.conf man page - abrt-retrace-client: use atoll for size conversion - a-a-a-ccpp-local don't delete buildids - abrt-dump-xorg: support Xorg log backtraces prefixed by EE - bodhi: fix typo in error messages...

Fedora 21 : abrt-2.3.0-12.fc21 / libreport-2.3.0-10.fc21 (2015-6542ab6d3a)

Security fix for CVE-2015-5302 abrt-2.3.0-12.fc21 - doc: fix default DumpLocation in abrt.conf man page - bodhi: fix typo in error messages - abrt- dump-xorg: support Xorg log backtraces prefixed by EE libreport-2.3.0-10.fc21 - fix save users changes after reviewing dump dir files - Resolves...

Fedora 23 : abrt-2.7.0-2.fc23 / libreport-2.6.3-1.fc23 (2015-cc585b503f)

Security fix for CVE-2015-5302 abrt-2.7.0-2.fc23 - Fix broken problem details in abrt-cli/gnome-abrt abrt-2.7.0-1.fc23 - cli-ng: initial - bodhi: introduce wrapper for 'reporter-bugzilla -h' and 'abrt-bodhi' - handle-event: remove obsolete workaround - remove 'not needed' code - doc: change...

Scientific Linux Security Update : abrt and libreport on SL7.x x86_64 (20151123)

It was found that the ABRT debug information installer abrt-action- install-debuginfo-to-abrt-cache did not use temporary directories in a secure way. A local attacker could use the flaw to create symbolic links and files at arbitrary locations as the abrt user. CVE-2015-5273 It was discovered th...

CVE-2015-5302

libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the 1 backtrace, 2 cmdline, 3 environ, 4 openfds, 5 maps, 6 smaps, 7 hostname, 8 remote, 9 ks.cfg, or 10...

CVE-2015-5302

CVE-2015-5302 details (libreport) : Affects libreport up to version 2.0.7 prior to 2.6.3. The flaw occurs when editing a crash report, where only changes to the first file are saved, potentially exposing sensitive information via crash report attachments. The documented sensitive data includes fi...

CentOS 6 : libreport (CESA-2015:2504)

Updated libreport packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

libreport security update

CentOS Errata and Security Advisory CESA-2015:2504 Updated libreport packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, whi...

CentOS 7 : abrt / libreport (CESA-2015:2505)

Updated abrt and libreport packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

abrt, libreport security update

CentOS Errata and Security Advisory CESA-2015:2505 Updated abrt and libreport packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...

Oracle Linux 7 : abrt / and / libreport (ELSA-2015-2505)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2505 advisory. - Fixes for: CVE-2015-5273 and CVE-2015-5287 - Fixes CVE-2015-5302 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle: Security Advisory (ELSA-2015-2505)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

abrt and libreport security update

abrt 2.1.11-35.0.1 - Drop libreport-rhel and libreport-plugin-rhtsupport requires 2.1.11-35 - make /var/spool/abrt owned by root - remove 'r' from /var/spool/abrt for other users - abrt-action-install-debug-info: use secure temporary directory - stop saving abrt's core files to /var/spool/abrt if...

Scientific Linux Security Update : libreport on SL6.x i386/x86_64 (20151123)

It was found that ABRT may have exposed unintended information to Red Hat Bugzilla during crash reporting. A bug in the libreport library caused changes made by a user in files included in a crash report to be discarded. As a result, Bugzilla attachments may contain data that was not intended to ...

RHEL 7 : abrt and libreport (RHSA-2015:2505)

Updated abrt and libreport packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

RedHat Update for abrt and libreport RHSA-2015:2505-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 6 : libreport (RHSA-2015:2504)

Updated libreport packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Oracle: Security Advisory (ELSA-2015-2504)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 6 : libreport (ELSA-2015-2504)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2504 advisory. - Fixes CVE-2015-5302 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested fo...