apko is vulnerable to attack through incorrect permissions in /etc/ld.so.cache and other files

It was discovered that the ld.so.cache in images generated by apko had file system permissions mode 0666: bash-5.3 find / -type f -perm -o+w /etc/ld.so.cache...

SUSE: Security Advisory (SUSE-SU-2019:1102-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2019:1102-1)

This update for glibc fixes the following issues : Security issues fixed : CVE-2019-9169: regex: fix read overrun bsc1127308, BZ 24114 CVE-2016-10739: Fully parse IPv4 address strings bsc1122729, BZ 20018 CVE-2009-5155: ERE '0|0|\1|0' causes regexec undefined behavior bsc1127223, BZ 18986...

Mandrake Linux Security Advisory : glibc (MDKSA-2001:012)

The LDPRELOAD variable in the GNU C Library is honoured normally even for SUID/SGID applications but removed afterwards from the environment if it does not contain '/' characters. There is a special check which only preloads found libraries if they have the SUID bit set. However, if a library has...

CVE-2001-0169

CVE-2001-0169 : The GNU C Library (glibc) fails to verify that libraries loaded via LD_PRELOAD into SUID/SGID processes are also non-SUID/non-SGID when they come from /etc/ld.so.cache, enabling a local user to pre-load a library from /lib or /usr/lib and overwrite privileged files. Documented in ...