Fedora alert FEDORA-2015-13471 (audit)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 21 Update: audit-2.4.4-1.fc21 | |
| Date: | Wed, 19 Aug 2015 08:13:46 +0000 | |
| Message-ID: | <20150819081349.241DC6115100@bastion01.phx2.fedoraproject.org> |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-13471 2015-08-14 23:17:39 -------------------------------------------------------------------------------- Name : audit Product : Fedora 21 Version : 2.4.4 Release : 1.fc21 URL : http://people.redhat.com/sgrubb/audit/ Summary : User space tools for 2.6 kernel auditing Description : The audit package contains the user space utilities for storing and searching the audit records generate by the audit subsystem in the Linux 2.6 kernel. -------------------------------------------------------------------------------- Update Information: This update fixes CVE-2015-5186. The issue is that ausearch/report did not escape terminal emulator sequences when interpreting untrusted data. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 13 2015 Steve Grubb <sgrubb@redhat.com> 2.4.4-1 - New upstream bugfix release - Fixes CVE-2015-5186 Audit: log terminal emulator escape sequences handling * Thu Jul 16 2015 Steve Grubb <sgrubb@redhat.com> 2.4.3-1 - New upstream bugfix release - Adds python3 support * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Tue Apr 28 2015 Steve Grubb <sgrubb@redhat.com> 2.4.2-1 - New upstream bugfix release * Sat Feb 21 2015 Till Maas <opensource@till.name> - 2.4.1-2 - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_package... -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update audit' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...