CVE-2015-1200 (retired)

Priority
Description
Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for the
output file when compressing a file before changing the permission to match
the original file, which allows local users to bypass the intended access
restrictions.
Notes
Package
Source: pxz (LP Ubuntu Debian)
Upstream:released (4.999.99~beta3+git659fc9b-3, 4.999.99~beta3+gitfcfea93-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.999.99~beta3+git659fc9b-3)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.999.99~beta3+git659fc9b-3)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
More Information

Updated: 2019-10-09 07:52:11 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)