Package name
Advisory ID
Affected versions
6.1 i586 , 6.0 i586 , 7.0 i586 , 7.1 i586

Problem description

A problem exists with the kernel logging daemon (klogd) in the sysklogd package. A "format bug" makes klogd vulnerable to local root compromise, as well as the possibility for remote vulnerabilities under certain circumstances, which are unprobable. There is also a more probable semi-remote exploit via knfsd. This update provides a patched version of klogd that fixes these vulnerabilities.

Updated packages

6.1 i586

 bc44efb4d6721cce0feb87535be14cd5  6.1/RPMS/sysklogd-1.3.31-14mdk.i586.rpm
50792c33d6d1817b71d734711d6dcd4b  6.1/SRPMS/sysklogd-1.3.31-14mdk.src.rpm

6.0 i586

 f025156af9b4b9a296e5cee1cacae36f  6.0/RPMS/sysklogd-1.3.31-14mdk.i586.rpm
50792c33d6d1817b71d734711d6dcd4b  6.0/SRPMS/sysklogd-1.3.31-14mdk.src.rpm

7.0 i586

 4fb519ce5be0516113908140a26ad390  7.0/RPMS/sysklogd-1.3.31-15mdk.i586.rpm
36805570b5f2d7ae792573d45050332a  7.0/SRPMS/sysklogd-1.3.31-15mdk.src.rpm

7.1 i586

 3d9416b240c87e58338d58361e5b289e  7.1/RPMS/sysklogd-1.3.31-15mdk.i586.rpm
36805570b5f2d7ae792573d45050332a  7.1/SRPMS/sysklogd-1.3.31-15mdk.src.rpm