| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 06 Sep 2010 16:05:01 +0200 From: security@...driva.com To: bugtraq@...urityfocus.com Subject: [ MDVSA-2010:171 ] lvm2 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:171 http://www.mandriva.com/security/ _______________________________________________________________________ Package : lvm2 Date : September 6, 2010 Affected: 2009.1, 2010.0, 2010.1 _______________________________________________________________________ Problem Description: A vulnerability has been found and corrected in lvm2: The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands (CVE-2010-2526). The updated packages have been patched to correct this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2526 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.1: 11ac47baa0dffc858deae4847afc95bc 2009.1/i586/clvmd-2.02.33-8.1mnb2.i586.rpm 3e28f4c39a97f96dff14ea07e63c0375 2009.1/i586/lvm2-2.02.33-8.1mnb2.i586.rpm 1473d81d8d69eecfffeba569d6a524ab 2009.1/SRPMS/lvm2-2.02.33-8.1mnb2.src.rpm Mandriva Linux 2009.1/X86_64: f3c07dc0fa38749ea2be8b8a334e08c7 2009.1/x86_64/clvmd-2.02.33-8.1mnb2.x86_64.rpm 18f0a933f3236c38a7b2f0c8fdfb0516 2009.1/x86_64/lvm2-2.02.33-8.1mnb2.x86_64.rpm 1473d81d8d69eecfffeba569d6a524ab 2009.1/SRPMS/lvm2-2.02.33-8.1mnb2.src.rpm Mandriva Linux 2010.0: 28d2ca049d8736523166f7c99730550d 2010.0/i586/clvmd-2.02.53-9.2mnb2.i586.rpm e6456c6b7f8b64bb9579cd485fd1883c 2010.0/i586/dmsetup-1.02.38-9.2mnb2.i586.rpm f44de286bd97799df0633639605f9a7b 2010.0/i586/libdevmapper1.02-1.02.38-9.2mnb2.i586.rpm 9b497f111670636f1dfc9fd3d0635b63 2010.0/i586/libdevmapper-devel-1.02.38-9.2mnb2.i586.rpm dc1d8288bc99b1a1e18508d6a0edb595 2010.0/i586/libdevmapper-event1.02-1.02.38-9.2mnb2.i586.rpm 9b01ee505c3a4949fa0f161c03280b83 2010.0/i586/libdevmapper-event-devel-1.02.38-9.2mnb2.i586.rpm 61cfd88b9c6789d37fdaf4f6254116ff 2010.0/i586/liblvm2cmd2.02-2.02.53-9.2mnb2.i586.rpm 929d5d33f66502a078cd8212e1b537b1 2010.0/i586/liblvm2cmd-devel-2.02.53-9.2mnb2.i586.rpm b17cbac08c61dce99597e6dbb6702045 2010.0/i586/lvm2-2.02.53-9.2mnb2.i586.rpm 27e1f390f03910f521d6c9248fd28cfb 2010.0/SRPMS/lvm2-2.02.53-9.2mnb2.src.rpm Mandriva Linux 2010.0/X86_64: 3bf5a13a5e066af39062bdaa7a4e6d87 2010.0/x86_64/clvmd-2.02.53-9.2mnb2.x86_64.rpm aa1f570c9a929aee83dd9547ae905468 2010.0/x86_64/dmsetup-1.02.38-9.2mnb2.x86_64.rpm 81f077f42936ec8be557105a220a149b 2010.0/x86_64/lib64devmapper1.02-1.02.38-9.2mnb2.x86_64.rpm e90c54801d5d3e201d68731e2cbc4dc5 2010.0/x86_64/lib64devmapper-devel-1.02.38-9.2mnb2.x86_64.rpm 56d2c5cd25dfef94a15568c420743fea 2010.0/x86_64/lib64devmapper-event1.02-1.02.38-9.2mnb2.x86_64.rpm 4cff5d26f20d11a57a7dffe7fb3421a8 2010.0/x86_64/lib64devmapper-event-devel-1.02.38-9.2mnb2.x86_64.rpm 40f4f8aa95abd23c8640e5cf22031b02 2010.0/x86_64/lib64lvm2cmd2.02-2.02.53-9.2mnb2.x86_64.rpm a87f6ecae4c05b5ced933cb3468ed499 2010.0/x86_64/lib64lvm2cmd-devel-2.02.53-9.2mnb2.x86_64.rpm 96c9b9781d1168c90a557cc583930a7e 2010.0/x86_64/lvm2-2.02.53-9.2mnb2.x86_64.rpm 27e1f390f03910f521d6c9248fd28cfb 2010.0/SRPMS/lvm2-2.02.53-9.2mnb2.src.rpm Mandriva Linux 2010.1: 48f74df7e0156e45f230429aa41cea7a 2010.1/i586/clvmd-2.02.61-5.1mnb2.i586.rpm a5fa92bb7251a9f9b9a651a9d681c470 2010.1/i586/cmirror-2.02.61-5.1mnb2.i586.rpm c7281a45862b7460be4b9623165cc591 2010.1/i586/dmsetup-1.02.44-5.1mnb2.i586.rpm 98c4f715edc57a2a81631cb2ab9a824b 2010.1/i586/libdevmapper1.02-1.02.44-5.1mnb2.i586.rpm e5b0271e14e85ad94cb3e746960993b1 2010.1/i586/libdevmapper-devel-1.02.44-5.1mnb2.i586.rpm 2b83f2c3a303604e42868b074364b017 2010.1/i586/libdevmapper-event1.02-1.02.44-5.1mnb2.i586.rpm aef97aaed0fd616df5a046d9b05f55e2 2010.1/i586/libdevmapper-event-devel-1.02.44-5.1mnb2.i586.rpm 1ed885e2a23ca5f9bdaa5796615feeea 2010.1/i586/liblvm2app2.1-2.02.61-5.1mnb2.i586.rpm 9a62cea841692f4a744019664cb6b959 2010.1/i586/liblvm2cmd2.02-2.02.61-5.1mnb2.i586.rpm a1bc253b7a92b6c7b1ac96e7e2521ee3 2010.1/i586/liblvm2cmd-devel-2.02.61-5.1mnb2.i586.rpm 972c3885883f95b793e4dfaa46121685 2010.1/i586/liblvm2-devel-2.02.61-5.1mnb2.i586.rpm 08190534acaa182f48f8c2aca8b3ad31 2010.1/i586/lvm2-2.02.61-5.1mnb2.i586.rpm 3de3e283a5907efe36b7f5b9038c32a2 2010.1/SRPMS/lvm2-2.02.61-5.1mnb2.src.rpm Mandriva Linux 2010.1/X86_64: 3c33074b320e7b7651b9872674bce70b 2010.1/x86_64/clvmd-2.02.61-5.1mnb2.x86_64.rpm e0bcdee0b2f4e725bfd17b35a9959aa0 2010.1/x86_64/cmirror-2.02.61-5.1mnb2.x86_64.rpm 47c54c45f3f00ae9fe0f9176623739ac 2010.1/x86_64/dmsetup-1.02.44-5.1mnb2.x86_64.rpm 0b25f189581132d3d0bcf736f66ae4c9 2010.1/x86_64/lib64devmapper1.02-1.02.44-5.1mnb2.x86_64.rpm d3b6a286c01ed42a08301f5425d5e13b 2010.1/x86_64/lib64devmapper-devel-1.02.44-5.1mnb2.x86_64.rpm 7f0596865ef0a8baec758a106a030749 2010.1/x86_64/lib64devmapper-event1.02-1.02.44-5.1mnb2.x86_64.rpm 9346f3ad1ce7d7b9cb68ab77adf1d809 2010.1/x86_64/lib64devmapper-event-devel-1.02.44-5.1mnb2.x86_64.rpm 4c70fc76e4330e61d8b013e5f5396349 2010.1/x86_64/lib64lvm2app2.1-2.02.61-5.1mnb2.x86_64.rpm 248c9c277bd694c1c5f239f2f8dcb983 2010.1/x86_64/lib64lvm2cmd2.02-2.02.61-5.1mnb2.x86_64.rpm edd014cb4cd0a637ca2e6038d6473958 2010.1/x86_64/lib64lvm2cmd-devel-2.02.61-5.1mnb2.x86_64.rpm 5a5db48748ff8e3ad9c6fcfbab003013 2010.1/x86_64/lib64lvm2-devel-2.02.61-5.1mnb2.x86_64.rpm 8ba0060f839c48eda20db9299933f527 2010.1/x86_64/lvm2-2.02.61-5.1mnb2.x86_64.rpm 3de3e283a5907efe36b7f5b9038c32a2 2010.1/SRPMS/lvm2-2.02.61-5.1mnb2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFMhMgBmqjQ0CJFipgRAoeBAKCwND3HDmabTzsVVnJJB9Tq6+imGQCgqRAE DFyM1mq7f33nL+kHFr1LlBo= =zRsP -----END PGP SIGNATURE-----
Powered by blists - more mailing lists