Security Bulletin: A vulnerability in pigz affects PowerKVM (CVE-2015-1191)

Summary PowerKVM is affected by a vulnerability in pigz. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2015-1191 DESCRIPTION: pigz could allow a remote attacker to traverse directories on the system, caused by an error in pigz.c. An attacker could send a...

CVE-2013-0296

Race condition in pigz before 2.2.5 uses permissions derived from the umask when compressing a file before setting that file's permissions to match those of the original file, which might allow local users to bypass intended access permissions while compression is occurring...