[CentOS] Local root vulnerability in udev

Mon Apr 20 13:40:19 UTC 2009
Andrew Colin Kissa <andrew at topdog.za.net>

On 20 Apr 2009, at 3:31 PM, John Austin wrote:

> On Mon, 2009-04-20 at 09:21 -0400, Rob Kampen wrote:
>> Lanny Marcus wrote:
>>> On Sat, Apr 18, 2009 at 9:12 PM, Lanny Marcus <lmmailinglists at gmail.com 
>>> > wrote:
>>>
>>>> I just saw this thread in the OLM forum. Possibly of interest,  
>>>> since
>>>> they say it includes CentOS 5, if the update hasn't been released  
>>>> yet.
>>>> Always good  to keep boxes updated, for security and stability
>>>> reasons.
>>>>
>>>> <http://forums.olm.net/showthread.php?t=2137>
>>>>
>>>>
>>> I posted the above Saturday night and there was very little activity
>>> in this mailing list over the weekend. Anyone using Apache on CentOS
>>> 5, heads up!
>>> _______________________________________________
>>> CentOS mailing list
>>> CentOS at centos.org
>>> http://lists.centos.org/mailman/listinfo/centos
>>>
>> Lanny,
>> I just killed the udevd on my two servers and await the update....
>> What are you looking for?
>> Rob
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>
> New udev just arrived - I assume this the fix !!
> udev-095-14.20.el5_3.x86_64.rpm

Yep thats the fix but according to upstream you need to update  
libvolume_id as well.


> John
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos