LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Wednesday's security updates

[Posted December 28, 2011 by corbet]

Wednesday's security updates
[Security] Posted Dec 28, 2011 20:32 UTC (Wed) by corbet

There is not much happening in the Linux world, but the security updates never seem to take a holiday. In particular, we're seeing the nasty telnetd hole showing up in some Linux distributions; anybody running a vulnerable version would be well advised to update immediately - or to move away from telnet altogether.

CentOS has updated krb5 (C4, C5: telnetd remote root vulnerability) and krb5-appl (C6: telnetd remote root vulnerability).

Mandriva has updated ipmitool (denial of service) and krb5-appl (telnetd remote root vulnerability).

Oracle has updated UE kernel (EL5, EL6: privilege escalation), kernel (EL6: privilege escalation), krb5 (EL4, EL5: telnetd remote root vulnerability), and krb5-appl (EL6: telnetd remote root vulnerability).

Red Hat has updated krb5 (RHEL3,RHEL5: telnetd remote root vulnerability) and krb5-appl (RHEL6: telnetd remote root vulnerability).

Scientific Linux has updated krb5 (SL4-5: telnetd remote root vulnerability).

Comments (1 posted)

Copyright © 2011, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds