[SECURITY] Fedora Core 4 Update: lm_sensors-2.9.1-3.FC4.1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-1053
2005-11-07
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : lm_sensors
Version     : 2.9.1                      
Release     : 3.FC4.1                  
Summary     : Hardware monitoring tools.
Description :
The lm_sensors package includes a collection of modules for general SMBus
access and hardware monitoring.  NOTE: this requires special support which
is not in standard 2.2-vintage kernels.

---------------------------------------------------------------------
Update Information:

The lm_sensors package includes a collection of modules for
general SMBus access and hardware monitoring. NOTE: this
package requires special support which is not in standard
2.2-vintage kernels.

A bug was found in the pwmconfig tool which uses temporary
files in an insecure manner. The pwconfig tool writes a
configuration file which may be world readable for a short
period of time. This file contains various information about
the setup of lm_sensors on that machine. It could be
modified within the short window to contain configuration
data that would either render lm_sensors unusable or in the
worst case even hang the machine resulting in a DoS. The
Common Vulnerabilities and Exposures project has assigned
the name CVE-2005-2672 to this issue.

Users of lm_sensors are advised to upgrade to these updated
packages, which contain a patch which resolves this issue.
---------------------------------------------------------------------
* Thu Sep  1 2005 Phil Knirsch <pknirsch@xxxxxxxxxx> 2.9.1-3.FC4.1
- Fixed CAN-2005-2672 lm_sensors pwmconfig insecure temporary file usage
  (#166673)
- Fixed missing optflags during build (#166910)

* Mon May 23 2005 Phil Knirsch <pknirsch@xxxxxxxxxx> 2.9.1-3
- Update to lm_sensors-2.9.1
- Fixed wrong/missing location variables for make user
- Fixed missing check for /etc/modprobe.conf in sensors-detect (#139245)


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

01f14f40542a5dbd8a069c187da2a6cd  SRPMS/lm_sensors-2.9.1-3.FC4.1.src.rpm
6edf4ba108f9a888f7606351a13b14d6  x86_64/lm_sensors-2.9.1-3.FC4.1.x86_64.rpm
a746776641693fcfd22d8b235c395d98  x86_64/lm_sensors-devel-2.9.1-3.FC4.1.x86_64.rpm
220e210a34405bd704d11becfb21e31a  x86_64/debug/lm_sensors-debuginfo-2.9.1-3.FC4.1.x86_64.rpm
8a86673c482d82ced8a22048589523d5  x86_64/lm_sensors-2.9.1-3.FC4.1.i386.rpm
8a86673c482d82ced8a22048589523d5  i386/lm_sensors-2.9.1-3.FC4.1.i386.rpm
944ea0d8a3777920dd59945dd8461781  i386/lm_sensors-devel-2.9.1-3.FC4.1.i386.rpm
ca7be3d727275f938b32f42eaaf71435  i386/debug/lm_sensors-debuginfo-2.9.1-3.FC4.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

-- 

fedora-announce-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-announce-list

[Index of Archives]     [Fedora Package Announce]     [Fedora Users]     [Fedora Package Review]     [Fedora Desktop]     [PAM]     [Big List of Linux Books]     [Gimp]     [Yosemite News]     [Yosemite Camping]     [Fedora Users]

  Powered by Linux