Re: vuln needs investigation and need a new form

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2004-01-12 at 12:29, Jason wrote:
> On Mon, Jan 12, 2004 at 09:14:28AM -0800, Jesse Keating wrote:
> Content-Description: signed data
> > On Monday 12 January 2004 08:53, Jason wrote:
> > > Seth posted a src.rpm to the list a week or so ago for cvs to fix a
> > > more serious root exploit vuln.  I was in the process of verifying it
> > > to submit to the bugzilla, so I can check this out as well and patch
> > > it in.
> > 
> > You know what?  I wonder if this is the same vuln....  I could be just 
> > cracked in the head.
> 
> It's not .. one is a directory creation problem.. and one is a broken 
> switch_to_user routine, allowing switching to the root user.
> 

killed the old patch, applied the one from the rh9 errata, now both bugs
have been treated.

posted at:

http://linux.duke.edu/~skvidal/RPMS/cvs/

-sv





[Index of Archives]     [Fedora Development]     [Fedora Announce]     [Fedora Legacy Announce]     [Fedora Config]     [PAM]     [Fedora General Discussion]     [Big List of Linux Books]     [Gimp]     [Yosemite Questions]

  Powered by Linux