Hello everyone, I've just tagged oddjob 0.34.5:
- This release includes a security fix for a possible race condition in the
mkhomedir helper. Matthias Gerstner of the SUSE security team found the flaw
and supplied a patch for it, and for that I'm grateful.
It has been assigned the CVE identifier CVE-2020-10737 and its CVSS/v3.1
score is: 6.3/CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H.
- This release also incorporates a non-security fix from Alexander Bokovoy for
some of the SELinux support logic to make it operate better on systems where
SELinux isn't enabled.
Updated sources can be found in the "release folder" linked from the releases
page at
https://pagure.io/oddjob/releases
Thanks,
Nalin