FEDORA-EPEL-2009-0598 created by till 12 years ago for Fedora EPEL 5
stable

This update addresses CVE-2009-3589 with a patch to initialize the supplementary groups of processes that are run from user incrontabs. Without it, these processes run with the supplementary groups from the incrond process. These groups might include the group disk, e.g. when the incrond process was started using "service incrond start". Then the users allowed to create a incrontab table could access raw disk contents. There might also be other ways to exploit this vulnerability.

This update has been pushed to testing

12 years ago

This update has been submitted for testing

This update has been pushed to testing

12 years ago

This update has been submitted for testing

This update has been submitted for stable

This update has been pushed to stable

12 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
12 years ago
in testing
12 years ago
in stable
12 years ago
modified
12 years ago

Automated Test Results