Hi
* Tue May 06 2014 Josh Boyer <jwboyer(a)fedoraproject.org>
- CVE-2014-0196 pty race leading to memory corruption (rhbz 1094232 1094240)
is that only missing in the kernel-3.14.3-100.fc19 but present
or only kernel-3.14.3-200.fc20 for now contains that fix?
there was also a warning on the CentOS list for that issue
-------- Original-Nachricht --------
Betreff: [CentOS] Heads up on local root escalation
Datum: Mon, 12 May 2014 19:13:12 +0100
Von: James Hogarth <james.hogarth(a)gmail.com>
Antwort an: CentOS mailing list <centos(a)centos.org>
An: CentOS mailing list <centos(a)centos.org>
Remember to be especially aware if you have systems that can potentially
have code uploaded and run (ftp to httpd vhost or improper php config and
file ownership/permissions).
This does not affect el5 ... an el6 update is pending.
https://access.redhat.com/security/cve/CVE-2014-0196