Overview

File _patchinfo of Package patchinfo.14746

<patchinfo incident="14746">
  <issue tracker="bnc" id="1146785">AUDIT-FIND: resource-agents: Static tmp file in oradg.sh.in</issue>
  <issue tracker="bnc" id="1146691">AUDIT-FIND: resource-agents: Predictable log file in /tmp in mariadb.in</issue>
  <issue tracker="bnc" id="1146787">AUDIT-FIND: resource-agents: Static tmp file in caselib.in</issue>
  <issue tracker="bnc" id="1021689">AUDIT-TRACKER: resource-agents: ocfmon user created with "OCFMON" as default password</issue>
  <issue tracker="bnc" id="1146692">AUDIT-FIND: resource-agents: Predictable tmp file in ClusterMon</issue>
  <issue tracker="bnc" id="1146687">AUDIT-FIND: resource-agents: Static default credentials</issue>
  <issue tracker="bnc" id="1146776">AUDIT-FIND: resource-agents: Code execution via insecure tmp files in db2</issue>
  <issue tracker="bnc" id="1146784">AUDIT-FIND: resource-agents: Static tmp file in drbd.linbit</issue>
  <issue tracker="bnc" id="1146690">AUDIT-FIND: resource-agents: Predictable tmp file in sapdb-nosha.sh</issue>
  <issue tracker="bnc" id="1146766">AUDIT-FIND: resource-agents: Insecure default tmp file name in openstack-cinder-volume</issue>
  <packager>varkoly</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for resource-agents</summary>
  <description>This update for resource-agents fixes the following issues:

- Fixed multiple vulnerabilities related to unsafe tempfile usage.
  (bsc#1146690 bsc#1146691 bsc#1146692 bsc#1146766 bsc#1146776 
  bsc#1146784 bsc#1146785 bsc#1146787)
- Fixed issues where the ocfmon user was created with a default password (bsc#1021689, bsc#1146687).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places