fedora-qa / blocker-review

#1578 [rpm-ostree] CVE-2024-2905 rpm-ostree: world-readable /etc/shadow file [fedora-all] | rhbz#2274140
Closed by blockerbot. Opened by blockerbot.

Closed
Reopen Issue

Bug details: ** https://bugzilla.redhat.com/show_bug.cgi?id=2274140 **
Information from BlockerBugs App:
2274140

Current vote summary

The votes have been last counted at 2024-04-09 15:50 UTC and the last processed comment was #comment-904768

To learn how to vote, see:
https://pagure.io/fedora-qa/blocker-review
A quick example: BetaBlocker +1 (where the tracker name is one of BetaBlocker/FinalBlocker/BetaFE/FinalFE/0Day/PreviousRelease and the vote is one of +1/0/-1)

FinalBlocker +1

FinalBlocker +1

Technically Red Hat security rates this as "moderate", but that's mainly because it doesn't happen to really affect any significant RH products. I think it's reasonable to say its impact on Fedora CoreOS and IoT (both release-blocking editions) is "important" on the RH scale. (To be fair there's also an argument for "moderate" since you only get hashed passwords, but...meh.)
Edited by adamwill

FinalBlocker +1

FinalBlocker +1

AGREED AcceptedFinalBlocker

The following votes have been closed:

Metadata Update from @blockerbot:
- Issue status updated to: Closed (was: Open)

Release F40 is no longer tracked by BlockerBugs, closing this ticket.
Metadata
None
None
None
None
None
Static archive. pagure.io was sunset in 2026; this is a read-only snapshot.
Red Hat Logo

Fedora is sponsored by Red Hat. Learn more about the relationship between Red Hat and Fedora »

© Red Hat, Inc. and others.