rPSA-2008-0088-2 am-utils
rPath Update Announcements
announce-noreply at rpath.com
Fri Feb 29 12:04:30 UTC 2008
rPath Security Advisory: 2008-0088-2
Published: 2008-02-28
Updated:
2008-02-29 CVE-2008-1078 has been assigned.
Products:
rPath Linux 1
Rating: Minor
Exposure Level Classification:
Local Non-deterministic Unauthorized Access
Updated Versions:
am-utils=conary.rpath.com at rpl:1/6.0.9-11.4-1
rPath Issue Tracking System:
https://issues.rpath.com/browse/RPL-2255
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1078
Description:
Previous versions of the am-utils package are vulnerable to an attack
in which one local user can modify the contents of arbitrary files to
which other local users running expn have write access.
29 February 2008 Update: CVE-2008-1078 has been assigned for the
vulnerability addressed by this update.
http://wiki.rpath.com/Advisories:rPSA-2008-0088
Copyright 2008 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html
More information about the security-announce
mailing list