Hi * Tue May 06 2014 Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxx> - CVE-2014-0196 pty race leading to memory corruption (rhbz 1094232 1094240) is that only missing in the kernel-3.14.3-100.fc19 but present or only kernel-3.14.3-200.fc20 for now contains that fix? there was also a warning on the CentOS list for that issue -------- Original-Nachricht -------- Betreff: [CentOS] Heads up on local root escalation Datum: Mon, 12 May 2014 19:13:12 +0100 Von: James Hogarth <james.hogarth@xxxxxxxxx> Antwort an: CentOS mailing list <centos@xxxxxxxxxx> An: CentOS mailing list <centos@xxxxxxxxxx> Remember to be especially aware if you have systems that can potentially have code uploaded and run (ftp to httpd vhost or improper php config and file ownership/permissions). This does not affect el5 ... an el6 update is pending. https://access.redhat.com/security/cve/CVE-2014-0196
_______________________________________________ kernel mailing list kernel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/kernel
