CVE-2019-11675
The CVE-2019-11675 issue concerns the groonga-httpd package (Debian) version 6.1.5-1, where ownership of /var/log/groonga is set to the groonga account. The underlying root cause is an unsafe interaction with logrotate that enables a local attacker to exploit a race condition to create a symlink ...