[SECURITY] Fedora 7 Update: autofs-5.0.1-29

updates at fedoraproject.org updates at fedoraproject.org
Sat Dec 15 19:25:29 UTC 2007 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-4469
2007-12-15 17:44:17
--------------------------------------------------------------------------------

Name        : autofs
Product     : Fedora 7
Version     : 5.0.1
Release     : 29
URL         : http://wiki.autofs.net/
Summary     : A tool for automatically mounting and unmounting filesystems
Description :
autofs is a daemon which automatically mounts filesystems when you use
them, and unmounts them later when you are not using them.  This can
include network filesystems, CD-ROMs, floppies, and so forth.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 13 2007 Ian Kent <ikent at redhat.com> - 5.0.1-29
- Bug 421351: CVE-2007-5964 autofs defaults don't restrict suid in /net [f7]
  - use mount option "nosuid" for "-hosts" map unless "suid" is explicily specified.
* Wed Sep  5 2007 Ian Kent <ikent at redhat.com> - 5.0.1-28
- add ldaps support (required by schema discovery).
- add back LDAP schema discovery if no schema is configured.
* Tue Aug 28 2007 Ian Kent <ikent at redhat.com> - 5.0.1-26
- fix "nosymlink" option handling and add desription to man page.
- update patch to prevent failure on empty master map. 
- if there's no "automount" entry in nsswitch.conf use "files" source.
- add LDAP schema discovery if no schema is configured.
* Tue Aug 21 2007 Ian Kent <ikent at redhat.com> - 5.0.1-25
- change random multiple server selection option name to be consistent
  with upstream naming.
* Tue Aug 21 2007 Ian Kent <ikent at redhat.com> - 5.0.1-24
- don't fail on empty master map.
- allow for older schemas that allow "*" as a key value.
- add support for the "%" hack for case insensitive attribute schemas.
* Mon Jul 30 2007 Ian Kent <ikent at redhat.com> - 5.0.1-23
- mark map instances stale so they aren't "cleaned" during updates.
- fix large file compile time option.
* Fri Jul 27 2007 Ian Kent <ikent at redhat.com> - 5.0.1-22
- fix version passed to get_supported_ver_and_cost (bz 249574).
* Tue Jul 24 2007 Ian Kent <ikent at redhat.com> - 5.0.1-21
- fix parse confusion between attribute and attribute value.
* Fri Jul 20 2007 Ian Kent <ikent at redhat.com> - 5.0.1-20
- fix handling of quoted slash alone (bz 248943).
* Wed Jul 18 2007 Ian Kent <ikent at redhat.com> - 5.0.1-19
- fix wait time resolution in alarm and state queue handlers (bz 247711).
* Mon Jul 16 2007 Ian Kent <ikent at redhat.com> - 5.0.1-18
- correct man page of patch which added mount options append control.
* Mon Jul 16 2007 Ian Kent <ikent at redhat.com> - 5.0.1-17
- fix mount point directory creation for bind mounts.
- add quoting for exports gathered by hosts map.
* Thu Jun  7 2007 Ian Kent <ikent at redhat.com> - 5.0.1-13
- fix deadlock in alarm manager module.
* Sun Jun  3 2007 Ian Kent <ikent at redhat.com> - 5.0.1-11
- correct mistake in logic test in wildcard lookup.
* Mon May  7 2007 Ian Kent <ikent at redhat.com> - 5.0.1-10
- fix master map lexer to admit "." in macro values.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #421351 - CVE-2007-5964 autofs defaults don't restrict suid in /net [f7]
        https://bugzilla.redhat.com/show_bug.cgi?id=421351
--------------------------------------------------------------------------------
Updated packages:

846e745179918fe10db20bbe84a0737610b4eaeb autofs-5.0.1-29.ppc64.rpm
ed92aa477e68d90933f0b7134f63cfc04647b66a autofs-debuginfo-5.0.1-29.ppc64.rpm
71c6b96cd13f63f8b4e9f1924fc8fe81b1fd5c20 autofs-debuginfo-5.0.1-29.i386.rpm
642387715c661c25a91f387156c8e46dd4a7f710 autofs-5.0.1-29.i386.rpm
92b5139b1087ef68087e11707b2e677a59a22877 autofs-5.0.1-29.x86_64.rpm
52c57dd7927319578fb37c90c33aa94b0577651a autofs-debuginfo-5.0.1-29.x86_64.rpm
ff9493bd5fb907a423065c88f2562345125a8186 autofs-5.0.1-29.ppc.rpm
a196cd329070363e723d1b179a5868a95139892c autofs-debuginfo-5.0.1-29.ppc.rpm
4783b086be6fdd7b4d2feb879cc4b850c1323814 autofs-5.0.1-29.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update autofs' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

More information about the Fedora-package-announce mailing list