Fedora Legacy Test Update Notification: udev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2006-175818
Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175818
2006-02-26
---------------------------------------------------------------------

Name        : udev
Versions    : fc2: udev-024-6.2.legacy
Versions    : fc3: udev-039-10.FC3.9.legacy
Summary     : A userspace implementation of devfs
Description :
udev is a implementation of devfs in userspace using sysfs and
/sbin/hotplug. It requires a 2.6 kernel to run properly.

---------------------------------------------------------------------
Update Information:

Updated udev packages that fix a security issue are now available.

The udev package contains an implementation of devfs in userspace using
sysfs and /sbin/hotplug.

Richard Cunningham discovered a flaw in the way udev sets permissions on
various files in /dev/input. It may be possible for an authenticated
attacker to gather sensitive data entered by a user at the console, such
as passwords. The Common Vulnerabilities and Exposures project has
assigned the name CVE-2005-3631 to this issue.

All users of udev should upgrade to these updated packages, which
contain a backported patch and are not vulnerable to this issue.

---------------------------------------------------------------------
Changelogs

fc2:
* Sun Feb 26 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
024-6.2.legacy
- Added missing glib2-devel to BuildRequires

* Sun Feb 19 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
024-6.1.legacy
- Changed permissions for input to fix CVE-2005-3631

fc3:
* Sun Feb 19 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> -
039-10.FC3.9.legacy
- Change input permissions to fix CVE-2005-3631

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedoralegacy.org/
(sha1sums)

fc2:
d2b2850b4066a595a4d3c162e151dc27c5b43198
fedora/2/updates-testing/i386/udev-024-6.2.legacy.i386.rpm
9ed5ef68d64987f8f644da065399d6885e7e1176
fedora/2/updates-testing/SRPMS/udev-024-6.2.legacy.src.rpm

fc3:
a2682a89f6fe03c2f2c2401caa511c299c1ae1cc
fedora/3/updates-testing/i386/udev-039-10.FC3.9.legacy.i386.rpm
fbcf92e15337b34511d4a305100d6797d644a84e
fedora/3/updates-testing/x86_64/udev-039-10.FC3.9.legacy.x86_64.rpm
fe4e15a6ac3d4d80ce3db01f08a75c93985964e8
fedora/3/updates-testing/SRPMS/udev-039-10.FC3.9.legacy.src.rpm

---------------------------------------------------------------------

Please test and comment in bugzilla.

Attachment: signature.asc
Description: OpenPGP digital signature

--

fedora-legacy-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-legacy-list

[Index of Archives]     [Fedora Development]     [Fedora Announce]     [Fedora Legacy Announce]     [Fedora Config]     [PAM]     [Fedora General Discussion]     [Big List of Linux Books]     [Gimp]     [Yosemite Questions]

  Powered by Linux