User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2010-17865 (systemtap)

From:  updates@fedoraproject.org
To:  package-announce@lists.fedoraproject.org
Subject:  [SECURITY] Fedora 14 Update: systemtap-1.3-3.fc14
Date:  Fri, 19 Nov 2010 00:03:39 +0000
Message-ID:  <20101119000339.5508A110B74@bastion02.phx2.fedoraproject.org>
Archive-link:  Article, Thread

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-17865 2010-11-18 23:25:01 -------------------------------------------------------------------------------- Name : systemtap Product : Fedora 14 Version : 1.3 Release : 3.fc14 URL : http://sourceware.org/systemtap/ Summary : Instrumentation System Description : SystemTap is an instrumentation system for systems running Linux 2.6. Developers can write instrumentation to collect data on the operation of the system. -------------------------------------------------------------------------------- Update Information: This refresh corrects two important security bugs in the /usr/bin/staprun program of the systemtap-runtime package. CVE-2010-4171 Ability to remove unused modules by unprivileged user CVE-2010-4170 Insecure loading of modules We would like to thank Tavis Ormandy for reporting this issue. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 16 2010 David Smith <dsmith@redhat.com> - 1.3-3 - CVE-2010-4170 - CVE-2010-4171 -------------------------------------------------------------------------------- References: [ 1 ] Bug #653604 - CVE-2010-4170 Systemtap: Insecure loading of modules https://bugzilla.redhat.com/show_bug.cgi?id=653604 [ 2 ] Bug #653606 - CVE-2010-4171 Systemtap: Ability to remove unused modules by unprivileged user https://bugzilla.redhat.com/show_bug.cgi?id=653606 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update systemtap' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds