rawhide report: 20070120 changes
Bernardo Innocenti
bernie at develer.com
Tue Jan 23 06:53:42 UTC 2007
Tomas Mraz wrote:
>> I've installed this update yesterday in the evening and today
>> there were already rootkits and irc bots everywhere :)
>>
> Well it is not just you. And I am ashamed I didn't catch this problem
> when reviewing changes in new upstream version. :( It won't allow anyone
> to any account but only accounts with only two characters in passwd
> field - like !! and similar. It is very serious anyway.
Luckly, thanks to the "many eyes make all bugs shallow" it's been caught
very quickly. Unfortunately, those eyeballs were those of several script
kiddies :-)))
> Should be fixed in pam-0.99.7.0-2.fc7.
Confirmed.
--
// Bernardo Innocenti - Develer S.r.l., R&D dept.
\X/ http://www.develer.com/
More information about the fedora-devel-list
mailing list