An ELOG vulnerability has been reported, thanks to Asif Akbar of Trend Micro Security Researchworking with Trend Micro's Zero Day Initiative:
https://www.zerodayinitiative.com/advisories/ZDI-20-252/
The issue has been fixed in the current release 3.1.4-033e292 and in the RPM http://elog.psi.ch/elog/download/RPMS/elog-latest.x86_64.rpm
Best,
Stefan
|