rsyslog: set status for CVE-2015-3243 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Gyorgy Sarvari <skandigraun@gmail.com>	2025-11-17 09:58:47 +0100
committer	Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2025-11-19 08:46:50 +0530
commit	65b4b2111086737b66bb13b537c6b34eb76bf4e8 (patch)
tree	e7acc201c95889f89b2b39b94e4fb93a4d4459cf /meta-python/recipes-devtools/python/python3-sqlparse
parent	55d4df5300cb11eb31b062fbabdeacee369d6c1b (diff)
download	meta-openembedded-65b4b2111086737b66bb13b537c6b34eb76bf4e8.tar.gz

rsyslog: set status for CVE-2015-3243

Details: https://nvd.nist.gov/vuln/detail/CVE-2015-3243 The issue is about file permissions: by default rsyslog creates world-readable files. In case a log message contains some sensitive information, then that's exposed to every user on the system. However the rsyslog.conf file that is shipped with the recipe solves it: it already sets non-world-readable default permissions on all files, so this vulnerability is fixed in the default OE recipe. See also this package in OpenSuse[1], where it is solved the same way. [1]: https://build.opensuse.org/requests/619439/changes (rsyslog.conf.in) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python3-sqlparse')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: