- Nom du paquet
- Advisory ID
- Affected versions
- MBS1 x86_64
Updated keepalived package fixes security vulnerability:
The pidfile_write function in core/pidfile.c in keepalived 1.2.2
and earlier uses 0666 permissions for the (1) keepalived.pid, (2)
checkers.pid, and (3) vrrp.pid files in /var/run/, which allows local
users to kill arbitrary processes by writing a PID to one of these
A security issue due to syslog being used inside of sighandlers has
also been fixed.
Finally, keepalived was failing to load the ip_vs kernel module
because of an incorrect modprobe option. This has also been corrected.
43f8ed4c37d9fe36333144910b156756 mbs1/x86_64/keepalived-1.2.2-2.1.mbs1.x86_64.rpm 469ea55f6172a4bd36202dcd33203765 mbs1/SRPMS/keepalived-1.2.2-2.1.mbs1.src.rpm