Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place.Referenceshttp://openwall.com/lists/oss-security/2011/03/04/19http://openwall.com/lists/oss-security/2011/03/04/16http://openwall.com/lists/oss-security/2011/03/04/25http://openwall.com/lists/oss-security/2011/03/04/30http://openwall.com/lists/oss-security/2011/03/04/26http://openwall.com/lists/oss-security/2011/03/10/3http://openwall.com/lists/oss-security/2011/03/04/28http://openwall.com/lists/oss-security/2011/03/08/5http://secunia.com/advisories/43955http://openwall.com/lists/oss-security/2011/03/07/5http://openwall.com/lists/oss-security/2011/03/04/31http://www.vupen.com/english/advisories/2011/0961http://openwall.com/lists/oss-security/2011/03/04/17http://openwall.com/lists/oss-security/2011/03/10/6http://openwall.com/lists/oss-security/2011/03/06/3http://openwall.com/lists/oss-security/2011/03/04/29http://openwall.com/lists/oss-security/2011/03/07/6http://openwall.com/lists/oss-security/2011/03/05/6http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.htmlhttp://openwall.com/lists/oss-security/2011/03/05/4http://www.vupen.com/english/advisories/2011/0791http://www.mandriva.com/security/advisories?name=MDVSA-2011:065http://openwall.com/lists/oss-security/2011/03/07/11http://openwall.com/lists/oss-security/2011/03/23/11http://openwall.com/lists/oss-security/2011/03/06/5https://bugzilla.redhat.com/show_bug.cgi?id=680798http://openwall.com/lists/oss-security/2011/03/04/18http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.htmlhttp://openwall.com/lists/oss-security/2011/03/10/2http://www.redhat.com/support/errata/RHSA-2011-0407.htmlhttp://openwall.com/lists/oss-security/2011/03/11/3http://openwall.com/lists/oss-security/2011/03/10/7http://openwall.com/lists/oss-security/2011/03/05/8http://openwall.com/lists/oss-security/2011/03/04/22http://openwall.com/lists/oss-security/2011/03/11/5http://openwall.com/lists/oss-security/2011/03/04/27http://www.vupen.com/english/advisories/2011/0872http://openwall.com/lists/oss-security/2011/03/04/32http://openwall.com/lists/oss-security/2011/03/14/26http://openwall.com/lists/oss-security/2011/03/04/24http://openwall.com/lists/oss-security/2011/03/06/4http://openwall.com/lists/oss-security/2011/03/06/6http://openwall.com/lists/oss-security/2011/03/04/33
