1
Candidate: CVE-2012-0787
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0787
6
The clone_file function in transfer.c in Augeas before 1.0.0, when
7
copy_if_rename_fails is set and EXDEV or EBUSY is returned by the rename
8
function, allows local users to overwrite arbitrary files and obtain
9
sensitive information via a bind mount on the (1) .augsave or (2)
10
destination file when using the backup save option, or (3) .augnew file
11
when using the newfile save option.
15
https://bugzilla.redhat.com/show_bug.cgi?id=772261
21
upstream: https://git.fedorahosted.org/cgit/augeas.git/commit/?id=b8de6a8c
22
upstream_augeas: released (1.0.0-1)
23
lucid_augeas: ignored (reached end-of-life)
24
precise_augeas: ignored (reached end-of-life)
25
precise/esm_augeas: DNE (precise was needed)
26
quantal_augeas: ignored (reached end-of-life)
27
raring_augeas: ignored (reached end-of-life)
28
saucy_augeas: not-affected (1.0.0-1)
29
trusty_augeas: not-affected (1.0.0-1)
30
utopic_augeas: not-affected (1.0.0-1)
31
vivid_augeas: not-affected (1.0.0-1)
32
vivid/stable-phone-overlay_augeas: DNE
33
vivid/ubuntu-core_augeas: DNE
34
wily_augeas: not-affected (1.0.0-1)
35
xenial_augeas: not-affected (1.0.0-1)
36
yakkety_augeas: not-affected (1.0.0-1)
37
zesty_augeas: not-affected (1.0.0-1)
38
devel_augeas: not-affected (1.0.0-1)