[SECURITY] Fedora Core 3 Update: lm_sensors-2.8.7-2.FC3.1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-1054
2005-11-07
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : lm_sensors
Version     : 2.8.7                      
Release     : 2.FC3.1                  
Summary     : Hardware monitoring tools.
Description :
The lm_sensors package includes a collection of modules for general SMBus
access and hardware monitoring.  NOTE: this requires special support which
is not in standard 2.2-vintage kernels.

---------------------------------------------------------------------
Update Information:

The lm_sensors package includes a collection of modules for
general SMBus access and hardware monitoring. NOTE: this
package requires special support which is not in standard
2.2-vintage kernels.

A bug was found in the pwmconfig tool which uses temporary
files in an insecure manner. The pwconfig tool writes a
configuration file which may be world readable for a short
period of time. This file contains various information about
the setup of lm_sensors on that machine. It could be
modified within the short window to contain configuration
data that would either render lm_sensors unusable or in the
worst case even hang the machine resulting in a DoS. The
Common Vulnerabilities and Exposures project has assigned
the name CVE-2005-2672 to this issue.

Users of lm_sensors are advised to upgrade to these updated
packages, which contain a patch which resolves this issue.
---------------------------------------------------------------------
* Tue Aug 30 2005 Phil Knirsch <pknirsch@xxxxxxxxxx> 2.8.7-2.FC3.1
- Fixed CAN-2005-2672 lm_sensors pwmconfig insecure temporary file usage
  (#166673)
- Fixed missing optflags during build (#166910)


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

405f8f79470ba5e6aa91245e01e704d7  SRPMS/lm_sensors-2.8.7-2.FC3.1.src.rpm
7afe0b73970390b26046b8bd46387ce6  x86_64/lm_sensors-2.8.7-2.FC3.1.x86_64.rpm
9f6395f944e4dee6794902bdcb5251cf  x86_64/lm_sensors-devel-2.8.7-2.FC3.1.x86_64.rpm
45e48c4798340b234b1149101ed12448  x86_64/debug/lm_sensors-debuginfo-2.8.7-2.FC3.1.x86_64.rpm
feab077f0e3b4fa446009b25127f7b8a  x86_64/lm_sensors-2.8.7-2.FC3.1.i386.rpm
feab077f0e3b4fa446009b25127f7b8a  i386/lm_sensors-2.8.7-2.FC3.1.i386.rpm
47529e3eae96b93be934d80b80acbb5d  i386/lm_sensors-devel-2.8.7-2.FC3.1.i386.rpm
dc607f6406a43ed2b0223a120c6f4a0c  i386/debug/lm_sensors-debuginfo-2.8.7-2.FC3.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

-- 

fedora-announce-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-announce-list

[Index of Archives]     [Fedora Package Announce]     [Fedora Users]     [Fedora Package Review]     [Fedora Desktop]     [PAM]     [Big List of Linux Books]     [Gimp]     [Yosemite News]     [Yosemite Camping]     [Fedora Users]

  Powered by Linux