Package name
libgssglue
Date
2013-04-05
Advisory ID
MDVSA-2013:043
Affected versions
MBS1 x86_64

Problem description

This update fixes insecure getenv() usage in libgssglue, which could
be used under some circumstances by local attackers do gain root
privileges (CVE-2011-2709).

Updated packages

MBS1 x86_64

 a5cc4da52d5ac3532b29f528609ab4b7  mbs1/x86_64/lib64gssglue1-0.4-1.mbs1.x86_64.rpm
 af0281d9fa8cdb30634c9442ef414b26  mbs1/x86_64/lib64gssglue-devel-0.4-1.mbs1.x86_64.rpm 
 4d42b6a08664100814ec344bca919ac4  mbs1/SRPMS/libgssglue-0.4-1.mbs1.src.rpm

References