OpenRC/opentmpfiles

Releases7

Frequency7 months 3 weeks

Last Release over 5 years ago

Stars27

a standalone utility for handling systemd-style tmpfiles.d settings

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2017-18925 ↗	Oct 26, 2020Monday, 26 October 2020, 18:15	5.5 MEDIUM	2.1 LOW
opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d entries are mishandled and allow a symlink attack.
CVE-2017-18188 ↗	Feb 14, 2018Wednesday, 14 February 2018, 20:29	—	2.1 LOW
OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run.