User: Password:
|
|
Subscribe / Log in / New account

Scientific Linux alert SLSA-2013:1674-2 (dracut)

From:  Pat Riehecky <riehecky@fnal.gov>
To:  <scientific-linux-errata@listserv.fnal.gov>
Subject:  Security ERRATA Moderate: dracut on SL6.x (noarch)
Date:  Mon, 9 Dec 2013 16:04:25 +0000
Message-ID:  <20131209160425.2050.61032@slpackages.fnal.gov>
Archive-link:  Article, Thread

Synopsis: Moderate: dracut security, bug fix, and enhancement update Advisory ID: SLSA-2013:1674-2 Issue Date: 2013-11-21 CVE Numbers: CVE-2012-4453 -- It was discovered that dracut created initramfs images as world readable. A local user could possibly use this flaw to obtain sensitive information from these files, such as iSCSI authentication passwords, encrypted root file system crypttab passwords, or other information. (CVE-2012-4453) -- SL6 noarch dracut-004-336.el6.noarch.rpm dracut-fips-004-336.el6.noarch.rpm dracut-kernel-004-336.el6.noarch.rpm dracut-network-004-336.el6.noarch.rpm dracut-caps-004-336.el6.noarch.rpm dracut-fips-aesni-004-336.el6.noarch.rpm dracut-generic-004-336.el6.noarch.rpm dracut-tools-004-336.el6.noarch.rpm - Scientific Linux Development Team


(Log in to post comments)


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds