Name of the Vulnerable Software and Affected Versions Mageia 4 versions (affected versions not specified, but only new installations are affected)

Description A security issue was identified where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable. This issue only affected new installations of Mageia 4. The problem has been fixed by ensuring that these files are owned by the root user and shadow group, and are only readable by those two entities.

Recommendations For new Mageia 4 installations, update the setup package to the latest version to fix the issue. At the moment, there is no information about additional mitigation measures for this specific issue.