Till Maas wrote: > On Fri September 5 2008, Till Maas wrote: > >> pam_mount just released an update that fixes a security vulnerability: >> https://sourceforge.net/project/shownotes.php?release_id=624240 > > Will someone create the needed tracking bugs[1] for this and maybe request / > assign a CVE number? This email was posted in fedora-security-list@rc. v0.47 (September 04 2008) ========================= This release incorporates a security fix (item 3 on the list). All administrators who have enabled <luserconf> in the configuration file should upgrade. A workaround is to comment out <luserconf>. - mount.crypt: add missing null command to conform to sh syntax (SF bug #2089446) - conf: fix printing of strings when luser volume options were not ok - conf: re-add luserconf security checks [...] https://sourceforge.net/project/shownotes.php?release_id=624240 http://dev.medozas.de/gitweb.cgi?p=pam_mount;a=commitdiff;h=33b91d7659ae3aa78b1e94fd3f8e545ae5ff25db Thanks, Eugene -- Eugene Teo / Red Hat Security Response Team -- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list
