1
Candidate: CVE-2017-7501
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7501
5
https://bugzilla.redhat.com/show_bug.cgi?id=1452133
7
It was found that versions of rpm before 4.13.0.2 use temporary files with
8
predictable names when installing an RPM. An attacker with ability to write
9
in a directory where files will be installed could create symbolic links to
10
an arbitrary location and modify content, and possibly permissions to
11
arbitrary files, which could be used for denial of service or possibly
21
upstream_rpm: needs-triage
22
precise/esm_rpm: needs-triage
23
trusty_rpm: needs-triage
24
vivid/ubuntu-core_rpm: DNE
25
xenial_rpm: needs-triage
26
yakkety_rpm: ignored (reached end-of-life)
27
zesty_rpm: ignored (reached end-of-life)
28
artful_rpm: needs-triage
29
bionic_rpm: needs-triage
30
devel_rpm: needs-triage