Overview

Request 731364 superseded

Primarily a fix for CVE-2019-3689
- Don't make /var/lib/nfs owned by statd.
Only sm and sm.bak need to be accessible by
statd or sm-notify after they drop privs.
Providing they get created, the parent
directory can be root-owned.
- 0007-statd-user-from-sm
Change rpc.statd and sm-notify to take uid from the sm
directory.
(bsc#1150733 CVE-2019-3689)

- 0006-nfs.conf-silence-include-error.patch
Avoid an unhelpful warning (bsc#1150807)

Request History
Neil Brown's avatar

neilbrown created request

Primarily a fix for CVE-2019-3689
- Don't make /var/lib/nfs owned by statd.
Only sm and sm.bak need to be accessible by
statd or sm-notify after they drop privs.
Providing they get created, the parent
directory can be root-owned.
- 0007-statd-user-from-sm
Change rpc.statd and sm-notify to take uid from the sm
directory.
(bsc#1150733 CVE-2019-3689)

- 0006-nfs.conf-silence-include-error.patch
Avoid an unhelpful warning (bsc#1150807)

Factory Auto's avatar

factory-auto added opensuse-review-team as a reviewer

Please review sources

Factory Auto's avatar

factory-auto accepted review

Check script succeeded

Saul Goodman's avatar

licensedigger accepted review

ok

Jan Engelhardt's avatar

jengelh accepted review

Staging Bot's avatar

staging-bot set openSUSE:Factory:Staging:J as a staging project

Being evaluated by staging project "openSUSE:Factory:Staging:J"

Staging Bot's avatar

staging-bot accepted review

Picked openSUSE:Factory:Staging:J

Neil Brown's avatar

neilbrown superseded request

superseded by 732555

openSUSE Build Service is sponsored by
Places