[ MDVSA-2015:177 ] ctdb

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:177
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : ctdb
 Date    : March 30, 2015
 Affected: Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated ctdb packages fix security vulnerability:
 
 ctdb before 2.5 is vulnerable to symlink attacks to due the
 use of predictable filenames in /tmp, such as /tmp/ctdb.socket
 (CVE-2013-4159).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4159
 http://advisories.mageia.org/MGASA-2014-0274.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Business Server 2/X86_64:
 c866ceea1e34

007 Software

[ MDVSA-2015:177 ] ctdb

Leave a Reply Cancel reply

Software and Security Information