| |||||||||||||
A privilege escalation flaw in udevA privilege escalation flaw in udevPosted Apr 22, 2009 18:25 UTC (Wed) by tzafrir (subscriber, #11501)In reply to: A privilege escalation flaw in udev by pheldens Parent article: A privilege escalation flaw in udev
Kill udevd :-(
On a server system it should work.
(Log in to post comments)
A privilege escalation flaw in udev Posted Apr 23, 2009 0:42 UTC (Thu) by smithj (subscriber, #38034) [Link]
The RHEL update for this issue automatically restarts udev. I would imagine other vendors either do the same or that /etc/init.d/udev restart (or similar) would be safe to execute on an in-production system.
A privilege escalation flaw in udev Posted Apr 23, 2009 8:45 UTC (Thu) by janfrode (subscriber, #244) [Link] The Red Hat errata for this fix says:Before applying this update, make sure that all previously-released errata relevant to your system have been applied.Is that just the normal cop out, or are there any reasons to worry upgrading udev on a RHEL5u0 will break something.. ?
A privilege escalation flaw in udev Posted Apr 23, 2009 13:25 UTC (Thu) by cesarb (subscriber, #6266) [Link]
I have seen that sentence in every single security advisory they issue, so it is probably just a boilerplate sentence (of course, one can expect there are reasons for them adding that boilerplate).
A privilege escalation flaw in udev Posted Apr 23, 2009 16:07 UTC (Thu) by janfrode (subscriber, #244) [Link]
And just to be on the paranoid safe side I asked Red Hat support, and they confirmed it should be safe to upgrade on any RHEL5 update levels.
A privilege escalation flaw in udev Posted Apr 24, 2009 18:43 UTC (Fri) by smithj (subscriber, #38034) [Link]
FYI, I updated udev only on various RHEL5 boxen from 5.1 to 5.3, with weird patch levels in-between. I've yet to see any problems.
Your milage may vary.
|
|||||||||||||