[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Health-dev] [bug #58584] Various security issues for gnuhealth-control

From: Axel Braun
Subject: [Health-dev] [bug #58584] Various security issues for gnuhealth-control
Date: Tue, 16 Jun 2020 13:42:56 -0400 (EDT)
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0


                 Summary: Various security issues for gnuhealth-control
                 Project: GNU Health
            Submitted by: coogor
            Submitted on: Tue 16 Jun 2020 05:42:54 PM UTC
                Category: Security
                Severity: 4 - Important
              Item Group: None
                  Status: None
                 Privacy: Private
             Assigned to: None
             Open/Closed: Open
                 Release: None
         Discussion Lock: Any
                  Module: gnuhealth-control



The SUSE security team has conducted an audit on gnuhealth-control and found
issues related to:
(Local privilege escalation in gnuhealth-control, use of static tmp file/http
transport )
(Local DoS of backup functionality in gnuhealth-control due to use of static
tmp files)

These issues are fixed in gnuhaelth-control shipped with openSUSE, but not yet
in gnuhealth-vanilla

The attached gnuhealth-control should fix the issues mentioned above


File Attachments:

Date: Tue 16 Jun 2020 05:42:54 PM UTC  Name: gnuhealth-control_364  Size:
19KiB   By: coogor
gnuhealth-control with fixes applied


Reply to this item at:


  Message sent via Savannah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]