Cut-and-paste error means fchown call attempts to change uid when it should be changing gid. Not a security issue due to this being restricted to what the current user can change without elevated privileges.
Noticed by "Rungta, Vandana" <firstname.lastname@example.org>.
Patch to follow.
Created attachment 14116 [details]
git-am fix for 4.7.next, 4.8.next.
Cherry-picked from master. Applies cleanly to both branches.
@Karo: Please apply for 4.7.next and 4.8.next .
I'd like to get this into 4.6 too, but given that it's not strictly a sec fix I guess we'll have to carry it downstream.
(In reply to David Disseldorp from comment #2)
@David, there will be a last bugfix release for 4.6 tomorrow.
(In reply to Karolin Seeger from comment #3)
@Karo: in that case, could you please apply the same patch to 4.6.next - I've reviewed and build-tested it against v4-6-test.
(In reply to David Disseldorp from comment #4)
Sure, thanks! :-)
Pushed to autobuild-v4-[8,7,6]-test.
(In reply to Karolin Seeger from comment #5)
Pushed to all branches.
Closing out bug report.