medium
4
Advisory Published
Updated

REDHAT-BUG-1059410

First published: Wed Jan 29 2014(Updated: )

These aren't security flaws, precisely, due to some of the other defaults that Fedora has that other distros/vendors may not, but upstream recently did some hardening to the defaults they provide (and we don't change) based on Martin Carpenter's report. <a href="https://git.enlightenment.org/core/enlightenment.git/commit/?id=9456e88504cb5daddbac3f49373a3a9a8577e27a">https://git.enlightenment.org/core/enlightenment.git/commit/?id=9456e88504cb5daddbac3f49373a3a9a8577e27a</a> commit 9456e88504cb5daddbac3f49373a3a9a8577e27a Author: Carsten Haitzler (Rasterman) &lt;raster&gt; Date: Fri Dec 6 09:19:08 2013 +0900 e_sys - fix busy spin problem with security clamp-down <a href="https://git.enlightenment.org/core/enlightenment.git/commit/?id=666df815cd86a50343859bce36c5cf968c5f38b0">https://git.enlightenment.org/core/enlightenment.git/commit/?id=666df815cd86a50343859bce36c5cf968c5f38b0</a> commit 666df815cd86a50343859bce36c5cf968c5f38b0 Author: Carsten Haitzler (Rasterman) &lt;raster&gt; Date: Sun Dec 1 11:48:49 2013 +0900 e_sys - address security concerns with environment - more add more environment variables to nuke and add alternate envrionment nuke method to raise security level. <a href="https://git.enlightenment.org/core/enlightenment.git/commit/?id=bb4a21e98656fe2c7d98ba2163e6defe9a630e2b">https://git.enlightenment.org/core/enlightenment.git/commit/?id=bb4a21e98656fe2c7d98ba2163e6defe9a630e2b</a> commit bb4a21e98656fe2c7d98ba2163e6defe9a630e2b Author: Carsten Haitzler (Rasterman) &lt;raster&gt; Date: Sat Nov 30 22:26:30 2013 +0900 e_sys - address security concerns with environment and gdb 1. clear out environment as best is possible before executing anything. especially PATH and IFS are set to minimal base defaults. also use clearenv() if available and unsetenv() 2. remove gdb method as it's just too dangerous. run it as normal as the user and if the kernel / distro dny that - then sorry. too bad.

Affected SoftwareAffected VersionHow to fix
Enlightenment Terminology

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of REDHAT-BUG-1059410?

    The severity of REDHAT-BUG-1059410 is low as it does not constitute a security flaw.

  • How do I fix REDHAT-BUG-1059410?

    To address REDHAT-BUG-1059410, ensure that you are using the recommended default configurations provided by upstream Enlightenment.

  • What software is affected by REDHAT-BUG-1059410?

    REDHAT-BUG-1059410 affects the Enlightenment desktop environment.

  • What has been changed in REDHAT-BUG-1059410?

    REDHAT-BUG-1059410 involves hardening default configurations based on upstream recommendations.

  • Who reported the changes in REDHAT-BUG-1059410?

    The changes leading to REDHAT-BUG-1059410 were reported by Martin Carpenter.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203