The stable util-linux-ng 2.13.1.1 release is available at ftp://ftp.kernel.org/pub/linux/utils/util-linux-ng/v2.13/ (Note, 2.13.1.1 is a stable security release.) Feedback and bug reports, as always, are welcomed. Karel Util-linux-ng 2.13.1.1 Release Notes (22-Apr-2008) ================================================== Fixed security issue: -------------------- - audit log injection attack. This bug allows attackers to write arbitrary characters to an audit log via a crafted username. The problem was originally reported for OpenSSH few months ago (CVE-2007-3102). The login(1) is affected by the same bug when built with the option "--with-audit". Changelog: --------- For more details see ChangeLog files at: ftp://ftp.kernel.org/pub/linux/utils/util-linux-ng/v2.13/ login: - audit log injection attack via login [Steve Grubb] po: - merge changes [Karel Zak] - update it.po (from translationproject.org) [Marco Colombo] - update nl.po (from translationproject.org) [Benno Schulenberg] -- Karel Zak <kzak@xxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html