Paketname
systemd
Datum
2012-03-16
Advisory ID
MDVSA-2012:030
Betroffene Versionen
2011 i586 , 2011 x86_64

Problembeschreibung

A vulnerability has been found and corrected in systemd:

A TOCTOU race condition was found in the way the systemd-logind
login manager of the systemd, a system and service manager for Linux,
performed removal of particular records related with user session upon
user logout. A local attacker could use this flaw to conduct symbolic
link attacks, potentially leading to removal of arbitrary system file
(CVE-2012-1174).

The updated packages have been patched to correct this issue.

Aktualisierte Pakete

2011 i586

 babb58c1bfed5771648536306cfbee20  2011/i586/systemd-29-8.2-mdv2011.0.i586.rpm
 7ea7f957bb91d211c1c390dd805c5666  2011/i586/systemd-gtk-29-8.2-mdv2011.0.i586.rpm
 37a1216151f1888d985c0a784e3a71ca  2011/i586/systemd-sysvinit-29-8.2-mdv2011.0.i586.rpm
 8b1e5251cc709a5c7dc499dc34abbeec  2011/i586/systemd-units-29-8.2-mdv2011.0.i586.rpm 
 8b4d1dfff9b62bfa97732ea8f28dced9  2011/SRPMS/systemd-29-8.2.src.rpm

2011 x86_64

 189b87bc469f3e803729ddd1c496ea7d  2011/x86_64/systemd-29-8.2-mdv2011.0.x86_64.rpm
 ec3f95ed6706b3d057afe7e62b590b0a  2011/x86_64/systemd-gtk-29-8.2-mdv2011.0.x86_64.rpm
 98125c6515460472604ab76183ddf63f  2011/x86_64/systemd-sysvinit-29-8.2-mdv2011.0.x86_64.rpm
 723aeadda814b44ae5abf98ab98a62b5  2011/x86_64/systemd-units-29-8.2-mdv2011.0.x86_64.rpm 
 8b4d1dfff9b62bfa97732ea8f28dced9  2011/SRPMS/systemd-29-8.2.src.rpm

Referenzen