git.ipfire.org Git - thirdparty/asterisk.git/commit

]> git.ipfire.org Git - thirdparty/asterisk.git/commit

projects / thirdparty / asterisk.git / commit

author	Mike Bradeen <mbradeen@sangoma.com>
	Thu, 15 Jan 2026 20:52:30 +0000 (13:52 -0700)
committer	github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
	Thu, 5 Feb 2026 15:25:18 +0000 (15:25 +0000)
commit	a1c7ab47ca14dc41822bf5f44a5fd5cb563daa68
tree	0d9bf815753e6599a8cb5dee06744cf1ecd40858	tree
parent	4f8aa579cef907569f5c9dd8c7332844577ae756	commit \| diff

ast_coredumper: check ast_debug_tools.conf permissions

Prevent ast_coredumper from using ast_debug_tools.conf files that are
not owned by root or are writable by other users or groups.

Prevent ast_logescalator and ast_loggrabber from doing the same if
they are run as root.

Resolves: #GHSA-rvch-3jmx-3jf3

UserNote: ast_debug_tools.conf must be owned by root and not be
writable by other users or groups to be used by ast_coredumper or
by ast_logescalator or ast_loggrabber when run as root.

contrib/scripts/ast_coredumper		diff \| blob \| blame \| history
contrib/scripts/ast_logescalator		diff \| blob \| blame \| history
contrib/scripts/ast_loggrabber		diff \| blob \| blame \| history

Mirror of https://github.com/asterisk/asterisk.git

RSS Atom