1
Candidate: CVE-2011-1550
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1550
5
http://openwall.com/lists/oss-security/2011/03/04/16
7
The default configuration of logrotate on SUSE openSUSE Factory uses root
8
privileges to process files in directories that permit non-root write
9
access, which allows local users to conduct symlink and hard link attacks
10
by leveraging logrotate's lack of support for untrusted directories, as
11
demonstrated by directories for the (1) cobbler, (2) inn, (3)
12
safte-monitor, and (4) uucp packages.
15
mdeslaur> SUSE-specific CVE (see CVE-2011-1548 for Debian)
22
upstream_logrotate: needs-triage
23
dapper_logrotate: not-affected
24
hardy_logrotate: not-affected
25
karmic_logrotate: not-affected
26
lucid_logrotate: not-affected
27
maverick_logrotate: not-affected
28
devel_logrotate: not-affected