require /etc/tcsd.conf to be owned by root:tss mode 640 for CVE-2020-24331

2020-09-29 19:57:09 +08:00 · 2020-09-29 19:57:09 +08:00 · 6ddffed868
commit 6ddffed868
parent ba6ed4466a
1 changed files with 5 additions and 2 deletions
--- a/trousers.spec
+++ b/trousers.spec
@ -1,6 +1,6 @@
 Name:         trousers
 Version:      0.3.14
-Release:      4
+Release:      5
 Summary:      The open-source TCG Software Stack
 License:      BSD
 Url:          http://trousers.sourceforge.net
@ -74,7 +74,7 @@ exit 0
 %doc README ChangeLog AUTHORS
 %license LICENSE
 %{_sbindir}/tcsd
-%config(noreplace) %attr(0600, tss, tss) %{_sysconfdir}/tcsd.conf
+%config(noreplace) %attr(0640, root, tss) %{_sysconfdir}/tcsd.conf
 %attr(0644,root,root) %{_unitdir}/tcsd.service
 %attr(0700, tss, tss) %{_localstatedir}/lib/tpm/
 %{_libdir}/libtspi.so.*
@ -93,6 +93,9 @@ exit 0


 %changelog
+* Tue Sep 29 2020 Hugel <gengqihu1@huawei.com> - 1.9.8-5
+- require /etc/tcsd.conf to be owned by root:tss mode 640 for CVE-2020-24331
+
 * Mon Sep 14 2020 wangchen <wangchen137@huawei.com> - 1.9.8-4
 - Fix CVE-2020-24330 CVE-2020-24331 CVE-2020-24332