CVE-2014-0196 F19/F20
Reindl Harald
h.reindl at thelounge.net
Mon May 12 19:41:53 UTC 2014
Hi
* Tue May 06 2014 Josh Boyer <jwboyer at fedoraproject.org>
- CVE-2014-0196 pty race leading to memory corruption (rhbz 1094232 1094240)
is that only missing in the kernel-3.14.3-100.fc19 but present
or only kernel-3.14.3-200.fc20 for now contains that fix?
there was also a warning on the CentOS list for that issue
-------- Original-Nachricht --------
Betreff: [CentOS] Heads up on local root escalation
Datum: Mon, 12 May 2014 19:13:12 +0100
Von: James Hogarth <james.hogarth at gmail.com>
Antwort an: CentOS mailing list <centos at centos.org>
An: CentOS mailing list <centos at centos.org>
Remember to be especially aware if you have systems that can potentially
have code uploaded and run (ftp to httpd vhost or improper php config and
file ownership/permissions).
This does not affect el5 ... an el6 update is pending.
https://access.redhat.com/security/cve/CVE-2014-0196
More information about the kernel
mailing list