9 matches found
SUSE CVE-2017-7572
The checkPolkitPrivilege function in serviceHelper.py in Back In Time aka backintime 1.1.18 and earlier uses a deprecated polkit authorization method unix-process that is subject to a race condition time of check, time of use. With this authorization method, the owner of a process requesting a...
Fedora 26 : backintime (2017-36eb9502b0)
update to 1.1.20 - fixes CVE-2017-7572 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
openSUSE Security Update : backintime (openSUSE-2017-525)
This update for backintime to version 1.1.20 fixes several issues. These security issues were fixed : - CVE-2017-7572: The checkPolkitPrivilege function in serviceHelper.py in backintime used a deprecated polkit authorization method unix-process that is subject to a race condition time of check,...
Fedora 25 : backintime (2017-8dce7a3940)
update to 1.1.20 - fixes CVE-2017-7572 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 24 : backintime (2017-7c9a9b2b36)
update to 1.1.20 - fixes CVE-2017-7572 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora Update for backintime FEDORA-2017-7c9a9b2b36
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for backintime FEDORA-2017-8dce7a3940
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-7572
The checkPolkitPrivilege function in serviceHelper.py in Back In Time aka backintime 1.1.18 and earlier uses a deprecated polkit authorization method unix-process that is subject to a race condition time of check, time of use. With this authorization method, the owner of a process requesting a...
CVE-2017-7572
CVE-2017-7572 affects Back In Time (backintime) up to version 1.1.18, where _checkPolkitPrivilege in serviceHelper.py uses a deprecated polkit method (unix-process) vulnerable to a race condition via /proc//status, enabling privilege elevation given the timing of check/use. Public patching update...