LWN.net Logo

Advertisement

TrustCommerce

E-Commerce & credit card processing - the Open Source way!

Advertise here

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

LK2008: The values of the Linux community

LWN.net Weekly Edition for October 9, 2008

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Ubuntu debuts its Upstream Report

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Fedora alert FEDORA-2007-4709 (autofs)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 7 Update: autofs-5.0.1-31


Date:
    	      Fri, 21 Dec 2007 14:10:57 -0700


Message-ID:
    	      <200712212110.lBLLAsTe002152@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-4709
2007-12-21 17:57:42
--------------------------------------------------------------------------------

Name        : autofs
Product     : Fedora 7
Version     : 5.0.1
Release     : 31
URL         : http://wiki.autofs.net/
Summary     : A tool for automatically mounting and unmounting filesystems
Description :
autofs is a daemon which automatically mounts filesystems when you use
them, and unmounts them later when you are not using them.  This can
include network filesystems, CD-ROMs, floppies, and so forth.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 21 2007 Ian Kent <ikent@redhat.com> - 5.0.1-31
- Bug 426399: CVE-2007-6285 autofs default doesn't set nodev in /net [f7]
  - use mount option "nodev" for "-hosts" map unless "dev" is explicily specified.
* Tue Dec 18 2007 Ian Kent <ikent@redhat.com> - 5.0.1-30
- Bug 397591 SELinux is preventing /sbin/rpc.statd (rpcd_t) "search" to <Unknown> (sysctl_fs_t).
  - prevent fork between fd open and setting of FD_CLOEXEC.
* Thu Dec 13 2007 Ian Kent <ikent@redhat.com> - 5.0.1-29
- Bug 421351: CVE-2007-5964 autofs defaults don't restrict suid in /net [f7]
  - use mount option "nosuid" for "-hosts" map unless "suid" is explicily specified.
* Wed Sep  5 2007 Ian Kent <ikent@redhat.com> - 5.0.1-28
- add ldaps support (required by schema discovery).
- add back LDAP schema discovery if no schema is configured.
* Tue Aug 28 2007 Ian Kent <ikent@redhat.com> - 5.0.1-26
- fix "nosymlink" option handling and add desription to man page.
- update patch to prevent failure on empty master map. 
- if there's no "automount" entry in nsswitch.conf use "files" source.
- add LDAP schema discovery if no schema is configured.
* Tue Aug 21 2007 Ian Kent <ikent@redhat.com> - 5.0.1-25
- change random multiple server selection option name to be consistent
  with upstream naming.
* Tue Aug 21 2007 Ian Kent <ikent@redhat.com> - 5.0.1-24
- don't fail on empty master map.
- allow for older schemas that allow "*" as a key value.
- add support for the "%" hack for case insensitive attribute schemas.
* Mon Jul 30 2007 Ian Kent <ikent@redhat.com> - 5.0.1-23
- mark map instances stale so they aren't "cleaned" during updates.
- fix large file compile time option.
* Fri Jul 27 2007 Ian Kent <ikent@redhat.com> - 5.0.1-22
- fix version passed to get_supported_ver_and_cost (bz 249574).
* Tue Jul 24 2007 Ian Kent <ikent@redhat.com> - 5.0.1-21
- fix parse confusion between attribute and attribute value.
* Fri Jul 20 2007 Ian Kent <ikent@redhat.com> - 5.0.1-20
- fix handling of quoted slash alone (bz 248943).
* Wed Jul 18 2007 Ian Kent <ikent@redhat.com> - 5.0.1-19
- fix wait time resolution in alarm and state queue handlers (bz 247711).
* Mon Jul 16 2007 Ian Kent <ikent@redhat.com> - 5.0.1-18
- correct man page of patch which added mount options append control.
* Mon Jul 16 2007 Ian Kent <ikent@redhat.com> - 5.0.1-17
- fix mount point directory creation for bind mounts.
- add quoting for exports gathered by hosts map.
* Thu Jun  7 2007 Ian Kent <ikent@redhat.com> - 5.0.1-13
- fix deadlock in alarm manager module.
* Sun Jun  3 2007 Ian Kent <ikent@redhat.com> - 5.0.1-11
- correct mistake in logic test in wildcard lookup.
* Mon May  7 2007 Ian Kent <ikent@redhat.com> - 5.0.1-10
- fix master map lexer to admit "." in macro values.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #426399 - CVE-2007-6285 autofs default doesn't set nodev in /net [f7]
        https://bugzilla.redhat.com/show_bug.cgi?id=426399
--------------------------------------------------------------------------------
Updated packages:

128a3cf695f9c6662f9e474f833af528208182b7 autofs-debuginfo-5.0.1-31.ppc64.rpm
fc3114f874372d841b08ccee8287f631253454a8 autofs-5.0.1-31.ppc64.rpm
fa139fe88f913d4baaeea0906362776714098254 autofs-5.0.1-31.i386.rpm
58433c1470b32faf39b9c8dd3419907b2f1bc164 autofs-debuginfo-5.0.1-31.i386.rpm
8e5583a88125b5cc1de040ec7a37b57a5f014ae3 autofs-debuginfo-5.0.1-31.x86_64.rpm
f4693139aadd71c37002548da618bc6096936bca autofs-5.0.1-31.x86_64.rpm
fd72d964299f2476244c46d7217016a4a477ae0c autofs-debuginfo-5.0.1-31.ppc.rpm
86f8116cd5906ead13d350e5455cbfb1a8eb46dd autofs-5.0.1-31.ppc.rpm
a47e9f37124f13bc7b720df5f6118a69e78ee329 autofs-5.0.1-31.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update autofs' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds