From 522fa4e6f267ba688a264ceec8d6c79663b61219 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sun, 8 Oct 2023 12:03:01 +0100 Subject: gentoo auto-resync : 08:10:2023 - 12:03:01 --- metadata/glsa/glsa-202310-08.xml | 42 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 metadata/glsa/glsa-202310-08.xml (limited to 'metadata/glsa/glsa-202310-08.xml') diff --git a/metadata/glsa/glsa-202310-08.xml b/metadata/glsa/glsa-202310-08.xml new file mode 100644 index 000000000000..3b79a879099d --- /dev/null +++ b/metadata/glsa/glsa-202310-08.xml @@ -0,0 +1,42 @@ + + + + man-db: privilege escalation + A root privilege escalation through setuid executable and cron job has been discovered in man-db. + man-db + 2023-10-08 + 2023-10-08 + 662438 + remote + + + 2.8.5 + 2.8.5 + + + +

man-db is a man replacement that utilizes BerkeleyDB instead of flat files.

+ + +

A root privilege escalation through setuid executable and cron job has been discovered in man-db. Please review the CVE identifier referenced below for details.

+ + +

A local user with access to the man user or group can elevate privileges to root.

+ + +

There is no known workaround at this time.

+ + +

All man-db users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=sys-apps/man-db-2.8.5" + + + + CVE-2018-25078 + + graaff + graaff + \ No newline at end of file -- cgit v1.2.3