[linux-lvm] lvm2-cluster (clvmd) security fix (Moderate)

Alasdair G Kergon agk at redhat.com
Wed Jul 28 16:41:12 UTC 2010

I have released version 2.02.72 of LVM2 today to address a security problem.


If you are running clvmd on a machine where you also have non-root users
you should seriously consider applying the patch,   The problem has been
in the code base since 2004.  LVM2 on its own is not vulnerable to this

Vendors were notified last week.

Red Hat's Security Advisories are here:


Fuller details are in the Red Hat Bugzilla:

The essential part of the patch is attached there and it should apply to
older releases too.

agk at redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/linux-lvm/attachments/20100728/f939fb45/attachment.sig>

More information about the linux-lvm mailing list