[ANNOUNCE] util-linux-ng 2.13.1.1 (security update)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The stable util-linux-ng 2.13.1.1 release is available at

    ftp://ftp.kernel.org/pub/linux/utils/util-linux-ng/v2.13/


(Note, 2.13.1.1 is a stable security release.)

Feedback and bug reports, as always, are welcomed.


	Karel


Util-linux-ng 2.13.1.1 Release Notes (22-Apr-2008)
==================================================

Fixed security issue:
--------------------

 - audit log injection attack. This bug allows attackers to write
   arbitrary characters to an audit log via a crafted username.

 The problem was originally reported for OpenSSH few months ago
 (CVE-2007-3102). The login(1) is affected by the same bug when
 built with the option "--with-audit".


Changelog:
---------

 For more details see ChangeLog files at:
 ftp://ftp.kernel.org/pub/linux/utils/util-linux-ng/v2.13/


login:
   - audit log injection attack via login  [Steve Grubb]
po:
   - merge changes  [Karel Zak]
   - update it.po (from translationproject.org)  [Marco Colombo]
   - update nl.po (from translationproject.org)  [Benno Schulenberg]

-- 
 Karel Zak  <kzak@xxxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]
  Powered by Linux