[CentOS] Local root vulnerability in udev

Mon Apr 20 13:51:46 UTC 2009
Rob Kampen <rkampen at kampensonline.com>

Andrew Colin Kissa wrote:
> On 20 Apr 2009, at 3:39 PM, Rob Kampen wrote:
>
>   
>> John Austin wrote:
>>     
>>> On Mon, 2009-04-20 at 09:21 -0400, Rob Kampen wrote:
>>>
>>>       
>>>> Lanny Marcus wrote:
>>>>
>>>>         
>>>>> On Sat, Apr 18, 2009 at 9:12 PM, Lanny Marcus <lmmailinglists at gmail.com 
>>>>>           
>>>>>> wrote:
>>>>>>             
>>>>>> I just saw this thread in the OLM forum. Possibly of interest,  
>>>>>> since
>>>>>> they say it includes CentOS 5, if the update hasn't been  
>>>>>> released yet.
>>>>>> Always good  to keep boxes updated, for security and stability
>>>>>> reasons.
>>>>>>
>>>>>> <http://forums.olm.net/showthread.php?t=2137>
>>>>>>
>>>>>>
>>>>>>             
>>>>> I posted the above Saturday night and there was very little  
>>>>> activity
>>>>> in this mailing list over the weekend. Anyone using Apache on  
>>>>> CentOS
>>>>> 5, heads up!
>>>>> _______________________________________________
>>>>> CentOS mailing list
>>>>> CentOS at centos.org
>>>>> http://lists.centos.org/mailman/listinfo/centos
>>>>>
>>>>>           
>>>> Lanny,
>>>> I just killed the udevd on my two servers and await the update....
>>>> What are you looking for?
>>>> Rob
>>>> _______________________________________________
>>>> CentOS mailing list
>>>> CentOS at centos.org
>>>> http://lists.centos.org/mailman/listinfo/centos
>>>>
>>>>         
>>> New udev just arrived - I assume this the fix !!
>>> udev-095-14.20.el5_3.x86_64.rpm
>>>
>>> John
>>>
>>> _______________________________________________
>>> CentOS mailing list
>>> CentOS at centos.org
>>> http://lists.centos.org/mailman/listinfo/centos
>>>
>>>       
>> Just did the upgrade on one of my servers, however, udev is one of  
>> those items that starts right at the beginning of boot up, and has  
>> no init script to stop and start it, so I guess a total reboot is  
>> required??
>>     
>
> According to the RHEL errata the udevd daemon automatically gets  
> restarted on installing the update.
>
> https://rhn.redhat.com/errata/RHSA-2009-0427.html
>
>
>   
Andrew,
I checked and it did not start the daemon. However please not that I had 
manually killed it yesterday pending the patch....
So I guess a reboot is in my server's future...
>> <rkampen.vcf>_______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>>     
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>   

-------------- next part --------------
A non-text attachment was scrubbed...
Name: rkampen.vcf
Type: text/x-vcard
Size: 196 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20090420/5d097a0a/attachment-0005.vcf>