CVE-2020-14019
pypi/rtslib-fb
Incorrect Default Permissions
Open-iSCSI rtslib-fb has weak permissions for /etc/target/saveconfig.json
because shutil.copyfile
(instead of shutil.copy
) is used, and thus permissions are not preserved.
All versions up to 2.1.72
Upgrade to version 2.1.73 or above.
2020-06-25
source |