[SECURITY] Fedora 10 Update: device-mapper-multipath-0.4.8-9.fc10

updates at fedoraproject.org updates at fedoraproject.org
Thu Apr 9 16:10:33 UTC 2009


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-3449
2009-04-09 15:25:19
--------------------------------------------------------------------------------

Name        : device-mapper-multipath
Product     : Fedora 10
Version     : 0.4.8
Release     : 9.fc10
URL         : http://christophe.varoqui.free.fr/
Summary     : Tools to manage multipath devices using device-mapper
Description :
device-mapper-multipath provides tools to manage multipath devices by
instructing the device-mapper multipath kernel module what to do.
The tools are :
* multipath :   Scan the system for multipath devices and assemble them.
* multipathd :  Detects when paths fail and execs multipath to update things.

--------------------------------------------------------------------------------
Update Information:

Fix insecure permissions on multipathd.sock (CVE-2009-0115)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  7 2009 Milan Broz <mbroz at redhat.com> - 0.4.8-9
- Fix insecure permissions on multipathd.sock (CVE-2009-0115)
* Sun Mar 22 2009 Milan Broz <mbroz at redhat.com> - 0.4.8-8
- Fix kpartx extended partition handling (481297)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #493330 - CVE-2009-0115 device-mapper-multipath: insecure permissions on multipathd.sock
        https://bugzilla.redhat.com/show_bug.cgi?id=493330
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update device-mapper-multipath' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------




More information about the Fedora-package-announce mailing list