--------------------------------------------------------------------- Fedora Legacy Test Update Notification FEDORALEGACY-2006-175818 Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175818 2006-02-26 --------------------------------------------------------------------- Name : udev Versions : fc2: udev-024-6.2.legacy Versions : fc3: udev-039-10.FC3.9.legacy Summary : A userspace implementation of devfs Description : udev is a implementation of devfs in userspace using sysfs and /sbin/hotplug. It requires a 2.6 kernel to run properly. --------------------------------------------------------------------- Update Information: Updated udev packages that fix a security issue are now available. The udev package contains an implementation of devfs in userspace using sysfs and /sbin/hotplug. Richard Cunningham discovered a flaw in the way udev sets permissions on various files in /dev/input. It may be possible for an authenticated attacker to gather sensitive data entered by a user at the console, such as passwords. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-3631 to this issue. All users of udev should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue. --------------------------------------------------------------------- Changelogs fc2: * Sun Feb 26 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 024-6.2.legacy - Added missing glib2-devel to BuildRequires * Sun Feb 19 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 024-6.1.legacy - Changed permissions for input to fix CVE-2005-3631 fc3: * Sun Feb 19 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> - 039-10.FC3.9.legacy - Change input permissions to fix CVE-2005-3631 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/ (sha1sums) fc2: d2b2850b4066a595a4d3c162e151dc27c5b43198 fedora/2/updates-testing/i386/udev-024-6.2.legacy.i386.rpm 9ed5ef68d64987f8f644da065399d6885e7e1176 fedora/2/updates-testing/SRPMS/udev-024-6.2.legacy.src.rpm fc3: a2682a89f6fe03c2f2c2401caa511c299c1ae1cc fedora/3/updates-testing/i386/udev-039-10.FC3.9.legacy.i386.rpm fbcf92e15337b34511d4a305100d6797d644a84e fedora/3/updates-testing/x86_64/udev-039-10.FC3.9.legacy.x86_64.rpm fe4e15a6ac3d4d80ce3db01f08a75c93985964e8 fedora/3/updates-testing/SRPMS/udev-039-10.FC3.9.legacy.src.rpm --------------------------------------------------------------------- Please test and comment in bugzilla.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list
