kernel: umask not applied on filesystem without ACL support

A vulnerability was found in NFSv4.2 in the Linux kernel, where a server fails to correctly apply umask when creating a new object on filesystem without ACL support for example, ext4 with the "noacl" mount option. This flaw allows a local attacker with a user privilege to cause a kernel informati...

PYSEC-2020-34

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ is used. The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077...

UBUNTU-CVE-2017-1000382

VIM version 8.0.1187 and other versions most likely ignores umask when creating a swap file "ORIGINALFILENAME.swp" resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary...

cpio security update

CentOS Errata and Security Advisory CESA-2005:806-01 An updated cpio package that fixes multiple issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. GNU cpio copies files into or out of a cpio or tar archive. A race condition bu...

RHEL 3 : cpio (RHSA-2005:080)

An updated cpio package that fixes a umask bug and supports large files 2GB is now available. This update has been rated as having low security impact by the Red Hat Security Response Team GNU cpio copies files into or out of a cpio or tar archive. It was discovered that cpio uses a 0 umask when...