Launchpad CVE tracker

CVE 2020-14019

Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved.

Related bugs and status

CVE-2020-14019 (Candidate) is related to these bugs:

Bug #1890243: Ubuntu autopkgtests is giving me "No module named pyudev" for PYBUILD tests

Summary				In	Importance	Status
	1890243	Ubuntu autopkgtests is giving me "No module named pyudev" for PYBUILD tests		python-rtslib-fb (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/ope...
FEDORA: FEDORA-2020-46ec9e748b
SUSE: openSUSE-SU-2020:1156

Launchpad.net

CVE 2020-14019

Related bugs and status

Related bugs

References