Matthias Gerstner changed bug 1203018

What	Removed	Added
Group	SUSE Security Internal, novellonly
Summary	VUL-0: EMBARGOED: CVE-2022-31252: permissions: chkstat does not check for group-writable parent directories or target files in safeOpen()	VUL-0: CVE-2022-31252: permissions: chkstat does not check for group-writable parent directories or target files in safeOpen()

Comment # 2 on bug 1203018 from Matthias Gerstner

We're fixing this in the open, therefore publishing this bug.

I just opened a PR# [1] with a first shot at fixing this in the current C++
code. This also adds test coverage.

[1]: https://github.com/openSUSE/permissions/pull/152

You are receiving this mail because:

You are on the CC list for the bug.