Control: fixed -1 1.4.8+dfsg-1
Control: tag -1 patch
Greetings,
This critical issue is affecting Stable. Permissions at
compression time are inherited from umask; this may be too
relaxed when handling sensitive files.
Fortunately, this seems to have been fixed upstream around
version 1.4.1.
Package: zstd
Version: 1.3.8+dfsg-3
Severity: critical
When compressing a large file with restricted access permissions, a new,
world-readable file is created, revealing the contents of the
uncompressed file. Sample:
# whoami
root
# zstd -q -13 -T8 sample.dmp &> zstd.log &
:
:
# ls -al
total
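The failure mode reported above, as an added example that is not part of the original message and is not zstd's code: a C program contrasting an output file whose mode is left to the umask with one created owner-only and given the source's mode only after writing has finished. The function names, the temporary paths, the umask of 022 and the 0640 source mode are assumptions constructed for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
static int mode_of(const char *p) {            /* permission bits, or -1 */
    struct stat st;
    return stat(p, &st) == 0 ? (int)(st.st_mode & 0777) : -1;
}
/* Weak: fopen() requests 0666 and lets the umask decide what remains. */
static int create_umask_inherited(const char *dst) {
    FILE *f = fopen(dst, "wb");
    return f ? fclose(f) : -1;
}
/* Hardened: owner-only from the first byte; O_EXCL refuses an existing
 * file or symlink at dst. Returns an open fd, or -1. */
static int create_restricted(const char *dst) {
    return open(dst, O_WRONLY | O_CREAT | O_EXCL, 0600);
}
/* Once writing is done, give the output the source's permission bits. */
static int finalize_from_source(int fd, const char *src) {
    struct stat st;
    if (stat(src, &st) != 0) return -1;
    return fchmod(fd, st.st_mode & 0777);
}
/* Constructed scenario: source is 0640, umask is 022. out[0] = weak mode
 * while writing, out[1] = hardened mode while writing, out[2] = hardened
 * mode after finalize. Returns 0 on success. */
int demo(int out[3]) {
    char dir[] = "/tmp/zperm.XXXXXX", src[64], a[64], b[64];
    if (!mkdtemp(dir)) return -1;
    snprintf(src, sizeof src, "%s/sample.dmp", dir);
    snprintf(a, sizeof a, "%s/weak.zst", dir);
    snprintf(b, sizeof b, "%s/hard.zst", dir);
    mode_t old = umask(022);
    int fd = open(src, O_WRONLY | O_CREAT | O_EXCL, 0640);
    if (fd >= 0) close(fd);
    create_umask_inherited(a);
    out[0] = mode_of(a);                       /* readable by others */
    fd = create_restricted(b);
    out[1] = mode_of(b);                       /* owner only */
    if (fd >= 0) { finalize_from_source(fd, src); close(fd); }
    out[2] = mode_of(b);                       /* same as the source */
    unlink(src); unlink(a); unlink(b); rmdir(dir); umask(old);
    return fd >= 0 ? 0 : -1;
}
int main(void) {
    int m[3];
    return demo(m) ? 1 : printf("%04o %04o %04o\n", m[0], m[1], m[2]) < 0;
}
```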