Re: I would rather have an update for FC2 [was: Re: Will FC3 wait for 2.6.9 ?]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Chris Adams wrote:

IIRC there was a recent BUGTRAQ notice that there were security holes
found in cdrecord when it was setuid root.  Have these been fixed in the
Fedora version?


Fixed earlier this month.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-298
2004-09-09
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : cdrtools
Version     : 2.01
Release     : 0.a27.4.FC2.3
Summary     : A collection of CD/DVD utilities.
Description :
cdrtools is a collection of CD/DVD utilities.

---------------------------------------------------------------------
Update Information:


Anyone who has manually suid /usr/bin/cdrecord should update to this version.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0806

<snip>

Cheers

Adam

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux