CVE-2005-3148

NameCVE-2005-3148
DescriptionStoreBackup before 1.19 does not properly set the uid and guid for symbolic links (1) that are backed up by storeBackup.pl, or (2) recovered by storeBackupRecover.pl, which could cause files to be restored with incorrect ownership.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-1022-1
Debian Bugs332434

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
storebackup (PTS)buster3.2.1-2~deb10u1fixed
sid, trixie, bookworm, bullseye3.2.1-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
storebackupsourcesarge1.18.4-2sarge1DSA-1022-1
storebackupsource(unstable)1.19-1332434

Search for package or bug name: Reporting problems