| Revision Date: | 2008-03-20 | Version: | 635 |
| Title: | RHSA-2007:0235: util-linux security and bug fix update (Low) |
| Description: | The util-linux package contains a collection of basic system utilities.
A flaw was found in the way the login process handled logins which did not require authentication. Certain processes which conduct their own authentication could allow a remote user to bypass intended access policies which would normally be enforced by the login process. (CVE-2006-7108)
This update also fixes the following bugs:
The partx, addpart and delpart commands were not documented.
The "umount -l" command did not work on hung NFS mounts with cached data.
The mount command did not mount NFS V3 share where sec=none was specified.
The mount command did not read filesystem LABEL from unpartitioned disks.
The mount command did not recognize labels on VFAT filesystems.
The fdisk command did not support 4096 sector size for the "-b" option.
The mount man page did not list option "mand" or information about /etc/mtab limitations.
All users of util-linux should upgrade to these updated packages, which contain backported patches to correct these issues.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | CVE-2006-7108
RHSA-2007:0235
RHSA-2007:0235-02
RHSA-2007:0235-02
|
| Platform(s): | Red Hat Enterprise Linux 4
| Product(s): | |
| Definition Synopsis |
| Red Hat Enterprise Linux must be installed OR Package Information
Red Hat Enterprise Linux 4 is installed
AND util-linux is earlier than 0:2.12a-16.EL4.25
AND util-linux is signed with Red Hat redhatrelease2 key
|