I would rather have an update for FC2 [was: Re: Will FC3 wait for 2.6.9 ?]
Adam Mercer
r.a.mercer at blueyonder.co.uk
Thu Oct 7 06:38:37 UTC 2004
Chris Adams wrote:
> IIRC there was a recent BUGTRAQ notice that there were security holes
> found in cdrecord when it was setuid root. Have these been fixed in the
> Fedora version?
Fixed earlier this month.
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-298
2004-09-09
---------------------------------------------------------------------
Product : Fedora Core 2
Name : cdrtools
Version : 2.01
Release : 0.a27.4.FC2.3
Summary : A collection of CD/DVD utilities.
Description :
cdrtools is a collection of CD/DVD utilities.
---------------------------------------------------------------------
Update Information:
Anyone who has manually suid /usr/bin/cdrecord should update to this
version.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0806
<snip>
Cheers
Adam
More information about the fedora-devel-list
mailing list