CVE-2011-0523 Information

Description

gypsy 0.8 does not properly restrict the files that can be read while running with root privileges which allows local users to read otherwise restricted files via unspecified vectors.

Reference

http://cgit.freedesktop.org/gypsy/commit/?id=40101707cddb319481133b2a137294b6b669bd16 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106919.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106927.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/107020.html http://lists.opensuse.org/opensuse-updates/2012-07/msg00034.html http://secunia.com/advisories/49991 http://www.openwall.com/lists/oss-security/2011/01/24/10 http://www.openwall.com/lists/oss-security/2011/01/25/10 https://bugs.freedesktop.org/show_bug.cgi?id=33431 https://bugs.launchpad.net/ubuntu/+source/gypsy/+bug/690323