MDVSA-2012:138
- Nom du paquet
- acpid
- Date
- 2012-08-17
- Advisory ID
- MDVSA-2012:138
- Affected versions
- MES5 i586 , MES5 x86_64
Problem description
A vulnerability has been discovered and corrected in acpid:
Helmut Grohne and Michael Biebl discovered that ACPI scripts were
executed with a permissive file mode creation mask (umask). A local
attacker could read files and modify directories created by ACPI
scripts that did not set a strict umask (CVE-2011-4578).
The updated packages have been patched to correct this issue.
Updated packages
MES5 i586
85f3ca54e7b9425908750055505ba976 mes5/i586/acpid-1.0.6-6.4mnb2.i586.rpm 5eec7f7fc2c232aee6ce97f84666422a mes5/SRPMS/acpid-1.0.6-6.4mnb2.src.rpm
MES5 x86_64
6a467035f7b3faa0067c5be0023b32a7 mes5/x86_64/acpid-1.0.6-6.4mnb2.x86_64.rpm 5eec7f7fc2c232aee6ce97f84666422a mes5/SRPMS/acpid-1.0.6-6.4mnb2.src.rpm